|
Home > |
|---|
Identify and set a SafeNet Backup HSM partition to access at the specified slot number.
This command is used only with a SafeNet Backup HSM at firmware version earlier than 6.22.0, and allows an archive partition on the Backup HSM to be accessed in a manner similar to an application partition on a general-purpose HSM. This command was originally developed for purposes of object migration from older PCMCIA-type HSMs in a SafeNet DOCK reader. It is still available, and can be used on a SafeNet Backup HSM, if you have a use for it. For a Backup HSM partition that is exposed by the slot configset command, the following limitations apply:
•keys cannot be used for cryptographic objects
•keys cannot be modified.
The benefit of applying the slot configset command to a Backup HSM is that, on an identified archive partition:
•keys can be deleted, individually/selectively
•keys can be cloned to other HSM partitions.
Partitions are named as they are created on a Backup HSM to accept archived objects during backup operations. If more than one backup partition exists on a Backup HSM, they are not exposed when you perform the lunacm command slot list. Generally the only backup partition that is referenced by default when the slot listing shows a slot as containing a SafeNet Backup HSM is from older editions of SafeNet HSMs, and is called "Cryptoki User". To choose which, of potentially several, archive partitions within a Backup HSM is the active partition, and to make it accessible, you need to identify that archive partition by name.
The process is to list/view the partitions while the Backup HSM is the current slot in LunaCM, using partition list, in order to see their partition names. Then run slot configset -slot <slot#-of-the-backup-hsm> -partitionname <name-of-desired-partition-on-backup-hsm> Then, for example, use partition clone to clone selected objects to other HSM partition slots.
Note: This command can be used with SafeNet Backup HSMs at firmware versions older than 6.22.0. Backup HSMs with firmware 6.22.0 or newer already appear as multiple independent partitions in a slot list, without need for slot configset.
Note: The configuration set with this command exists for the current LunaCM session only. If you log out of your LunaCM session, your slot configset configuration is erased.
slot configset -slot <slot_number> -partitionname <partitition_name>
| Parameter | Shortcut | Description |
|---|---|---|
| -partitionname | -p | The partition name of the slot. |
| -slot | -s | Specifies the number of the slot for which you wish to set configuration settings. |
lunacm:> slot configset -slot 1 -partition backuppar3
Slot configuration was successfully updated.
Command Result : No Error