|
Home > |
|---|
Note: PKI mode is no longer supported and these commands have been deprecated.
Cache a deployed PKI token's PED key data. Clients can then connect, authenticate with their token password, and perform operations with token objects, without need for hands-on PED operations each time. Activation/cacheing endures until terminated by token removal or appliance power off. If a token has not been activated, then each access attempt by a Client causes a login call which initiates a Luna PED operation (requiring the appropriate black PED Key). Unattended operation is possible while the token is activated.
An external SafeNet Luna HSM can be USB-connected to a SafeNet Luna Network HSM appliance for:
•local backup/restore operations (SafeNet Luna Backup HSM)
•PKI bundle operations (SafeNet Luna USB HSM)
SafeNet Luna Network HSM does not pass PED operations and data through to an externally connected SafeNet Luna HSM from a Luna PED that is connected locally to the SafeNet Luna Network HSM.
If the external HSM is PED-authenticated, then the options for Luna PED connection are:
•local PED connection, directly to the affected HSM, when needed, or
•Remote PED connection, passed through the SafeNet Luna Network HSM
Note: Support for PKI Bundles with Remote PED begins at firmware version 6.10.1 in the external HSM.
Note: Support for locally connected Backup HSM with Remote PED, begins at firmware version 6.10.1 in the external HSM.
Note: Use of Remote PED with an external device is made possible when you set up with the commands
hsm ped vector init -serial <serial#_of_external_HSM> and
hsm ped connect -serial <serial#_of_external_HSM>
before using token pki or token backup commands.
Users with the following privileges can perform this command:
•Admin
•Operator
token pki activate -label <token_label>
| Option | Shortcut | Description |
|---|---|---|
| -label <token_label> | -l | Specifies the name of the inserted, deployed token to activate. Use the token pki listdeployed command to get the token name. |
lunash:> token pki activate -label mylunaca4-1
'token activate' successful.