Home >

token pki changepin

Note:  PKI mode is no longer supported and these commands have been deprecated.

Change the challenge secret or password for the indicated PKI device. 

An external SafeNet Luna HSM can be USB-connected to a SafeNet Luna Network HSM appliance for:

local backup/restore operations (SafeNet Luna Backup HSM)

PKI bundle operations (SafeNet Luna USB HSM)

SafeNet Luna Network HSM does not pass PED operations and data through to an externally connected SafeNet Luna HSM from a Luna PED that is connected locally to the SafeNet Luna Network HSM.

If the external HSM is PED-authenticated, then the options for Luna PED connection are:

local PED connection, directly to the affected HSM, when needed, or

Remote PED connection, passed through the SafeNet Luna Network HSM 

Note:  Support for PKI Bundles with Remote PED begins at firmware version 6.10.1 in the external HSM.

Note:  Support for locally connected Backup HSM with Remote PED, begins at firmware version 6.10.1 in the external HSM.

Note:  Use of Remote PED with an external device is made possible when you set up with the commands
hsm ped vector init -serial <serial#_of_external_HSM> and
hsm ped connect -serial <serial#_of_external_HSM>
before using token pki or token backup commands.

User Privileges

Users with the following privileges can perform this command:

Admin

Operator

Syntax

token pki changepin -serial <tokenserialnumber> [-force]

Option Shortcut Description
-force -f Force the action with no prompting.
-serial <tokenserialnumber> -s Specifies the serial number of the inserted token, whose password or challenge is to change. Use the token pki list command to get the token serial number.

Example

lunash:> token pki changepin -serial 1766711
 
Please type "proceed" to continue, anything else to abort: proceed
 
**********************************************
*                                            *
*     About to change the user password      *
*     Please pay attention to the PED        *
*                                            *
**********************************************
Please enter the current user challenge:
 
The partition has not been activated yet.
 
Luna PED operation required to activate partition on HSM - use User or
Partition Owner (black) PED key.
 
Please enter the new user challenge:
 
Please re-enter the new user challenge:
 
Success changing the user password for slot 4 !
 
Command Result : 0 (Success)

SafeNet Luna Network HSM 7.0 Product Documentation
007-013576-002 Rev. A 02 June 2017 Copyright 2001-2017 Gemalto All rights reserved.