Home >

LunaSH Command Reference Guide > LunaSH Commands > token > token pki update

token pki update

Access the pki update commands to update the token capabilities or firmware.

LunaSH token pki commands on SafeNet Network HSM would be unable to see SafeNet USB HSM PKI slots connected to a remote workstation. Either connect theSafeNet USB HSM locally to the SafeNet Network HSM USB port to use token backup commands, or use VTL commands on an HSM connected to a computer configured as a Client of your SafeNet Network HSM.

An external SafeNet HSM can be USB-connected to a SafeNet Network HSM appliance for:

local backup/restore operations (SafeNet Backup HSM)

PKI bundle operations (SafeNet USB HSM)

SafeNet Network HSM does not pass PED operations and data through to an externally connected SafeNet HSM from a SafeNet PED that is connected locally to the SafeNet Network HSM.

If the external HSM is PED-authenticated, then the options for SafeNet PED connection are:

local PED connection, directly to the affected HSM, when needed, or

Remote PED connection, passed through the SafeNet Network HSM 

Note:  Support for PKI Bundles with Remote PED begins at firmware version 6.10.1 in the external HSM.

Note:  Support for locally connected Backup HSM with Remote PED,
begins at firmware version 6.10.1 in the external HSM.

Note:  Use of Remote PED with an external device is made possible when you set up with the commands
hsm ped vector init -serial <serial#_of_external_HSM>
and
hsm ped connect -serial <serial#_of_external_HSM>
before using token pki or token backup commands.  

 

A capability update or a firmware update is meant to be applied just one time to an HSM. If you attempt to re-apply a capability update to an HSM that already has the capability installed, the system throws an error like " C0000002 : RC_GENERAL_ERROR ". A similar result occurs if you attempt to install a particular firmware update more than once on one HSM. This is expected behavior.

Syntax

pki update

capability
firmware
login
logout
show

Parameter Shortcut Description
capability c

Update the token capabilities. See token pki update capability.

firmware f Update the token firmware. See token pki update firmware.
login logi Login the PKI token Admin. See token pki update login.
logout logo Logout the PKI token Admin. See token pki update logout.
show s Show the available token updates. See token pki update show.