Home >

Appliance Administration Guide > Configuration without One-step NTLS > [Step 9] Configure PPSO Application Partitions > Initialize the Crypto User Role on a PW-Auth PPSO Partition

Initialize the Crypto User Role on a PW-Auth PPSO Partition

These instructions assume

a Password-authenticated SafeNet HSM has been initialized,

an application partition has been created,

a Crypto Officer has been created for the partition, and

the Crypto Officer password has been conveyed to the person responsible for the Crypto Officer role. See Initialize the Partition SO and Crypto Officer Roles on a PW-Auth PPSO Partition.

As Crypto Officer, you can do the following:

Create a Crypto User (limited access user) for the application partition  

Create, delete, change and manipulate cryptographic objects on the application partition, either for your own use or for use by the Crypto User.

To initialize the Crypto User role

1.Set the active slot to the desired application partition, where the Crypto Officer was just created.
Type slot set -slot <slot number> 

lunacm:> slot set -slot 0

        Current Slot Id:    0     (Luna User Slot 6.22.0 (PW) Signing With Cloning Mode)


Command Result : No Error

lunacm:>

 

2.Log in as the Crypto Officer.
Type role login -name Crypto Officer  

 

lunacm:> role login -name Crypto Officer -password $3cr3t



Command Result : No Error

lunacm:>

 

3.Create the Crypto User.
Type role init -name Crypto User  

 

lunacm:> role init -name Crypto User -password 0ther$ecret

 

Command Result : No Error

lunacm:>

 

The Crypto User can now log in to use applications to perform cryptographic operations using keys and objects created in the partition by the Crypto Officer.

SafeNet Network HSM 6.3 Product Documentation
007-011136-015 Rev. A 14 July 2017 Copyright 2001-2017 Gemalto All rights reserved.