Software and Firmware Upgrades

Your system consists of components that might, from time to time, require updating to newer versions. The newer version might have fixes or functional improvements that are useful or important for your application. The components that might be affected are:

Client software. See Client Software Upgrades.

SafeNet Luna Network HSM appliance software (the LunaSH command-line shell and its underlying software). See Appliance Software Upgrades.

SafeNet Luna Network HSM firmware upgrades. See HSM Firmware Upgrades.

SafeNet Luna Backup HSM firmware. See Upgrading the SafeNet Luna Backup HSM Firmware.

CAUTION:  If you require that your SafeNet Luna Network HSM be FIPS-certified, you must use FIPS-certified firmware. Refer to Customer Release Notes for more information.

Client Software Upgrades

To upgrade the SafeNet Luna HSM Client software, first uninstall any previous version of the Client. Then, run the new installer the same way you performed the original installation (see SafeNet Luna HSM Client Software Installation in the Installation Guide).

The client uninstaller, when invoked on Windows, removes libraries, utilities and other material related to the client, but does not remove configuration files and certificates. This allows you to install the newer version and resume operation without manually restoring configuration settings and without recreating, re-exchanging, and re-registering client and appliance certificates for NTLS.

Appliance Software Upgrades

Appliance software updates may include an image of the latest HSM firmware, which you may need to install to take advantage of all of the features in a release. If so, when you install the software, a firmware image is also installed onto the appliance file system. This image becomes the default upgrade firmware, and replaces the existing default upgrade firmware stored on the appliance. Note that firmware installation is a separate process (see HSM Firmware Upgrades).

Note:  Appliance software upgrade is a one-way operation. There is currently no way to downgrade the appliance software once a new version is applied. This contrasts with the SafeNet Luna HSM client software, which can be replaced with any version by uninstalling the current version and installing a desired version, and the SafeNet Luna HSM firmware, which can be rolled back to the version that was installed before the currently-installed version.

To upgrade the appliance software:

To update system software and firmware, you must move the updates, in the form of update package files, to the SafeNet Luna Network HSM and apply them. Updates are accompanied by detailed instructions for each component. System and firmware updates require an authentication code, which is provided in a text file accompanying the update package. See package in the LunaSH Command Reference Guide for command syntax.

1. Copy the appliance software package file to the SafeNet Luna Network HSM, as follows:

Linux/UNIX: scp <path>/<packagename>.spkg admin@<appliance_host_or_IP>:
Windows: pscp <path>\<packagename>.spkg admin@<appliance_host_or_IP>:

2. Stop all client applications connected to the SafeNet Luna Network HSM appliance.

3. At the "login as:" prompt, log in to the appliance as admin.

4. At the LunaSH prompt, log in as HSM SO:

hsm login

5. [Optional Step] Verify that the file that you copied is present on the SafeNet Luna Network HSM:

package listfile

6. [Optional Step] Verify the package on the SafeNet Luna Network HSM:

package verify <filename>.spkg -authcode <code_string>

where <code_string> is the authorization code from <filename>.auth.

7. Install the software upgrade package on the SafeNet Luna Network HSM:

package update <filename>.spkg -authcode <code_string>

where <code_string> is the authorization code from <filename>.auth.

The installation/update process requires approximately one and a half minutes. During that time, a series of messages shows the progress of the update.

8. At the end of this process, a message “Software update completed!” appears. If the software update also included a firmware update, then the latest firmware upgrade package is now on the appliance, waiting to be installed in the HSM.

9. Perform a reboot of the SafeNet Luna Network HSM appliance before you update the firmware:

sysconf appliance reboot

HSM Firmware Upgrades

In general, a new SafeNet Luna Network HSM is delivered with the current FIPS-validated firmware installed on the HSM card, and with the most recent firmware version included - waiting, but not yet installed - on the SafeNet Luna Network HSM hard drive as an optional update. Similarly, when you install a software update package that includes a firmware component, the software is changed and the accompanying new firmware goes into the waiting area on the appliance hard disk, replacing any previous optional firmware.

You can install the firmware image that is waiting on the appliance, or you can download and install a different version, if desired.

If you want to upgrade the firmware on a SafeNet Luna Backup HSM, see Upgrading the SafeNet Luna Backup HSM Firmware.

Note:  It is strongly recommended that your SafeNet Luna Network HSM be powered from an uninterruptible power supply (UPS) when you perform the firmware update. There is a small chance that a power failure during the update command could leave your SafeNet Luna Network HSM in an unrecoverable condition.

To upgrade the HSM firmware:

1. If you are not installing the default upgrade firmware that is waiting on the appliance, obtain the firmware update secure package from Technical Support. Use scp/pscp to upload the package to the SafeNet Luna Network HSM appliance. See package in the LunaSH Command Reference Guide for command syntax.

Linux/UNIX: scp <path>/<packagename>.spkg admin@<appliance_host_or_IP>:
Windows: pscp <path>\<packagename>.spkg admin@<appliance_host_or_IP>:

2. Stop all client applications connected to the SafeNet Luna Network HSM appliance.

3. At the login prompt, log in to the SafeNet Luna Network HSM appliance as admin.

4. Log in as HSM SO:

hsm login

5. [Optional Step] If you uploaded a new firmware version to the appliance, verify that the file that you copied is present on the SafeNet Luna Network HSM:

package listfile

6. [Optional Step] If you uploaded a new firmware version to the appliance, verify the package on the SafeNet Luna Network HSM:

package verify <filename>.spkg -authcode <code_string>

where <code_string> is the authorization code from <filename>.auth.

7. Install the firmware upgrade package on the SafeNet Luna Network HSM.

Note:  For customers using a service provider model, you can use the -useevp option to specify use of OpenSSL EVP (Digital EnVeloPe library) API to validate the update package, rather than invoking the HSM to do so (which would require HSM SO login). See package update in the LunaSH Command Reference Guide.

package update <filename>.spkg -authcode <code_string>

where <code_string> is the authorization code from <filename>.auth.

The package update process completes in seconds. The firmware package is now on the appliance, waiting to be installed in the HSM.

8. Run the firmware upgrade command:

hsm firmware upgrade

9. Log in to the HSM:

hsm login

10. Verify that the change has taken place. The installed firmware should show the desired target version:

hsm show

Upgrading the SafeNet Luna Backup HSM Firmware

To upgrade the firmware on a SafeNet Luna Backup HSM, use LunaCM on a SafeNet Luna HSM client computer that is connected to the SafeNet Luna HSM and contains a copy of the firmware upgrade (.fuf) file with its associated firmware authentication code (.txt) file.

To upgrade the SafeNet Luna Backup HSM firmware:

1. Copy the firmware file (<fw_filename>.fuf) to the client root directory. Defaults are:

Windows: C:\Program Files\SafeNet\LunaClient

Linux: /usr/safenet/lunaclient/bin

2. Obtain the firmware authorization code:

a. Contact Gemalto Technical Support. The firmware authorization code is provided as a text file.

b. Copy the <fw_authcode_filename>.txt file to the client root directory. Defaults are:

Windows: C:\Program Files\SafeNet\LunaClient

Linux: /usr/safenet/lunaclient/bin

3. Launch LunaCM.

4. If more than one HSM is installed, note which slot is assigned to that HSM and select it.

slot set -slot <slot_number>

5. Log in as HSM SO.

role login -name so

6. Enter the following command to upgrade the firmware on the HSM:

hsm updatefirmware -fuf <fw_filename>.fuf -authcode <fw_authcode_filename>.txt

Rollback Behavior

When rolling HSM firmware back to an earlier version, the order of the steps you perform is important.

An HSM that receives a firmware update arrives at that condition with any capabilities/features that were part of the HSM before the update was installed. The pre-update record of <firmware version+configuration> is set. If you roll back, you return the HSM to exactly the state that was recorded, prior to the update. All the same capabilities/features would be available, because they were present before the firmware update.

Any capability that you added after a firmware update would be lost, if you then rolled back the firmware, because the pre-update record of <firmware version+configuration> did not include any capability that you added only post-update. In that case:

If the late-installed capability is not dependent on the newer firmware, then you can simply install it again, on the HSM at the rolled-back firmware version, and it will become part of the pre-update record the next time you update firmware.

If the late-installed capability is dependent on the newer firmware, then you must do without that feature/capability until you once more update to a firmware version that can support it. At that time, you will need to re-install that capability upgrade.

The following table summarizes the options comparatively.

| | Start with this | If you do this... | Result is this | If you next do this... | Result is this | If you next do this... | Result is this | If you next do this... | Result is this |
|---|---|---|---|---|---|---|---|---|---|
| Example 1 (Read across ==>) | f/w X and Capabilities A, B, C | Update to f/w Y | f/w Y and Capabilities A, B, C | Roll back to f/w X | f/w X and Capabilities A, B, C | | | | |
| Example 2 (Read across ==>) | f/w X and Capabilities A, B, C | Add Capability D (no dependency) | f/w X and Capabilities A, B, C, D | Update to f/w Y | f/w Y and Capabilities A, B, C, D | Roll back to f/w X | f/w X and Capabilities A, B, C, D | | |
| Example 3 (Read across ==>) | f/w X and Capabilities A, B, C | Update to f/w Y | f/w Y and Capabilities A, B, C | Add Capability D (no dependency) | f/w Y and Capabilities A, B, C, D | Roll back to f/w X | f/w X and Capabilities A, B, C | | |
| Example 4 (Read across ==>) | f/w X and Capabilities A, B, C | Capability E depends on f/w Y; Attempt to add Capability E fails | f/w X and Capabilities A, B, C (unchanged) | Update to f/w Y | f/w Y and Capabilities A, B, C | Add Capability E (depends on f/w Y) | f/w Y and Capabilities A, B, C, E | Roll back to f/w X | f/w X and Capabilities A, B, C |

In Example 1, no capabilities change; only the firmware version.
In Example 2, D is added before firmware update; therefore the pre-update record includes capability D, so D survives firmware update and firmware rollback.
In Example 3, D is added after firmware update; the pre-update record does not include capability D, so D does not survive firmware rollback.
In Example 4, the pre-update record does not include capability E, so E does not survive firmware rollback.
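
The rollback rules and the four table rows above, expressed as a small Python model. This is an added example, not SafeNet code; HsmModel, its method names, and the X-before-Y firmware ordering are assumptions made for illustration.

```python
from dataclasses import dataclass, field
from typing import Optional
FIRMWARE_ORDER = ["X", "Y"]  # constructed ordering of the page's placeholder versions

class CapabilityError(Exception):
    """The capability depends on newer firmware than is installed."""

@dataclass
class HsmModel:  # hypothetical model of the documented behaviour, not a vendor API
    firmware: str
    capabilities: set = field(default_factory=set)
    pre_update_record: Optional[tuple] = None  # <firmware version+configuration>

    def add_capability(self, name, requires=None):
        rank = FIRMWARE_ORDER.index
        if requires is not None and rank(self.firmware) < rank(requires):
            raise CapabilityError(f"{name} needs f/w {requires}, HSM has f/w {self.firmware}")
        self.capabilities.add(name)

    def update_firmware(self, version):
        # The record is taken at update time, so it holds only what existed before.
        self.pre_update_record = (self.firmware, frozenset(self.capabilities))
        self.firmware = version

    def rollback_firmware(self):
        if self.pre_update_record is None:
            raise RuntimeError("no pre-update record to roll back to")
        # Rollback restores exactly the recorded state; later additions are lost.
        self.firmware, recorded = self.pre_update_record
        self.capabilities = set(recorded)
        self.pre_update_record = None  # assumption of this model: one rollback per record

EXAMPLES = {  # the four table rows, each starting from f/w X with A, B, C
    1: [("update_firmware", "Y"), ("rollback_firmware",)],
    2: [("add_capability", "D"), ("update_firmware", "Y"), ("rollback_firmware",)],
    3: [("update_firmware", "Y"), ("add_capability", "D"), ("rollback_firmware",)],
    4: [("add_capability", "E", "Y"), ("update_firmware", "Y"),
        ("add_capability", "E", "Y"), ("rollback_firmware",)],
}

def run_example(steps):
    """Apply the steps in order and return (firmware, capabilities) after each one."""
    hsm, history = HsmModel("X", {"A", "B", "C"}), []
    for op, *args in steps:
        try:
            getattr(hsm, op)(*args)
        except CapabilityError:
            pass  # a failed add leaves the HSM unchanged (Example 4, first step)
        history.append((hsm.firmware, sorted(hsm.capabilities)))
    return history
```

Calling run_example(EXAMPLES[3]) shows capability D present at f/w Y and absent again after the rollback, which is the case to check for before rolling back a production HSM.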