|
Home > |
|---|
Cache a deployed PKI token's PED key data. Clients can then connect, authenticate with their token password, and perform operations with token objects, without need for hands-on PED operations each time. Activation/cacheing endures until terminated by token removal or appliance power off. If a token has not been activated, then each access attempt by a Client causes a login call which initiates a SafeNet PED operation (requiring the appropriate black PED Key). Unattended operation is possible while the token is activated.
An external SafeNet HSM can be USB-connected to a SafeNet Network HSM appliance for:
•local backup/restore operations (SafeNet Backup HSM)
•PKI bundle operations (SafeNet USB HSM)
SafeNet Network HSM does not pass PED operations and data through to an externally connected SafeNet HSM from a SafeNet PED that is connected locally to the SafeNet Network HSM.
If the external HSM is PED-authenticated, then the options for SafeNet PED connection are:
•local PED connection, directly to the affected HSM, when needed, or
•Remote PED connection, passed through the SafeNet Network HSM
Note: Support for PKI Bundles with Remote PED begins at firmware version 6.10.1 in the external HSM.
Note: Support for locally connected Backup HSM with Remote PED,
begins at firmware version 6.10.1 in the external HSM.
Note: Use of Remote PED with an external device is made possible when you set up with the commands
hsm ped vector init -serial <serial#_of_external_HSM>
and
hsm ped connect -serial <serial#_of_external_HSM>
before using token pki or token backup commands.
token pki activate -label <token_label>
| Parameter | Shortcut | Description |
|---|---|---|
| -label | -l | Specifies the name of the inserted, deployed token to activate. Use the token pki listdeployed command to get the token name. |
lunash:> token pki activate -label mylunaca4-1
'token activate' successful.