|
Home > |
|---|
The LunaCM utility (lunacm) is the client-side administrative command interface for SafeNet HSMs.
From a client/host computer, LunaCM can interact with, and perform operations on any, or all, of the following:
•internally installed SafeNet PCI-E HSM 6.x HSMs (K6 HSM card)
•locally USB-connected SafeNet USB HSMs
•remotely located SafeNet Network HSM application partitions, made available by a NTLS or STC network link between the distant HSM appliance and partition(s) and the local client computer.
1.Open a Command Prompt or console window.
2.Go to the SafeNet HSM Client software directory and start the LunaCM utility:
| Windows |
C:\> cd c:\Program Files\SafeNet\LunaClient C:\Program Files\SafeNet\LunaClient\> lunacm |
| Linux/AIX |
> cd /usr/safenet/lunaclient/bin > ./lunacm |
| Solaris/HP-UX |
> cd /opt/safenet/lunaclient/bin > ./lunacm |
Some preliminary status information is displayed, followed by the lunacm:> command-line prompt.
3.You can now issue any lunacm utility command to manage your SafeNet HSM. For a summary, type "help" and press [Enter].
Note: For SafeNet PCI-E HSM and SafeNet USB HSM, LunaCM is used to administer both the HSM as HSM SO, and the application partition, as HSM SO for HSMs with firmware older than 6.22.0, or as Partition SO for HSMs with firmware 6.22.0 and newer.
Note: For SafeNet Network HSM, LunaCM is used to manage application partitions (assuming an NTLS or STC link between your SafeNet HSM Client computer and the SafeNet Network HSM appliance). LunaCM is not used to perform HSM-wide administration by the HSM SO on SafeNet Network HSM - for that you must log into a LunaSH (lunash) session via SSH.
LunaCM depends on the availability of HSM partitions in order to be useful. If no application partition has been created, then only the HSM SO (administrative) partition is available, against which to run commands.
If the Chrystoki.conf / Crystoki.ini configuration file [Presentation] setting "ShowAdminTokens=" is set to no, then the HSM administrative partition/slot is also unavailable, and LunaCM is not usable. If you know you have a working SafeNet PCI-E HSM or SafeNet USB HSM attached to your Client computer and LunaCM shows no usable commands, then verify in your Chrystoki.conf or Crystoki.ini file that "ShowAdminTokens" is not set to no.