|
Home > |
|---|
This section provides additional information by answering questions that are frequently asked by our customers.
Did you verify that they were all on before you removed rack power?
SafeNet Network HSM is configured to return to previous state on application of AC power. If the appliance was running, and power was removed, then when power is re-applied the appliance re-boots. If the appliance was not running when power was removed, then the appliance does not [re]start when power becomes available again, and you must manually toggle the appliance power switch.
Each installation will have its own issues and peculiarities. For this discussion we will assume that both the SafeNet HSM server and the application server - PKI, web, other - that is the main client of the SafeNet HSM server are being moved. Here are some common steps to consider:
•change the IP address of the SafeNet HSM server
•change/update any other IP dependencies that are configured on the SafeNet HSM server, such as NTP servers, Syslog servers, ntls binding by IP, etc.
•on the client computer (PKI server, web server, other) change the IP address of the SafeNet HSM server as found in the client computer's crystoki.ini/chrystoki.conf file
•regenerate certificates on both the SafeNet HSM server and the client computer(s), if you used IP addresses rather than hostnames (no name resolution configured)
•delete the client from the SafeNet HSM server
•exchange the new certificates
•re-register the client on the SafeNet HSM server
•re-assign the appropriate HSM partition to the client
•if the application is Windows-based and identical client/server computers (or complete clones) are not used in the new datacenter, then there might be some Windows issues to complete, such as making/updating registry entries, running certutil -repairstore, and so on.