|
Home > |
|---|
Note: PKI mode is no longer supported and these commands have been deprecated.
Clone a source PKI device to a target PKI device.
An external SafeNet Luna HSM can be USB-connected to a SafeNet Luna Network HSM appliance for:
•local backup/restore operations (SafeNet Luna Backup HSM)
•PKI bundle operations (SafeNet Luna USB HSM)
SafeNet Luna Network HSM does not pass PED operations and data through to an externally connected SafeNet Luna HSM from a Luna PED that is connected locally to the SafeNet Luna Network HSM.
If the external HSM is PED-authenticated, then the options for Luna PED connection are:
•local PED connection, directly to the affected HSM, when needed, or
•Remote PED connection, passed through the SafeNet Luna Network HSM
Note: Support for PKI Bundles with Remote PED begins at firmware version 6.10.1 in the external HSM.
Note: Support for locally connected Backup HSM with Remote PED, begins at firmware version 6.10.1 in the external HSM.
Note: Use of Remote PED with an external device is made possible when you set up with the commands
hsm ped vector init -serial <serial#_of_external_HSM> and
hsm ped connect -serial <serial#_of_external_HSM>
before using token pki or token backup commands.
Users with the following privileges can perform this command:
•Admin
•Operator
token pki clone -source <serial_number> -target <serial_number> [-force]
| Option | Shortcut | Description |
|---|---|---|
| -force | -f | Force the action with no prompting. |
| -source <serial_number> | -s | Specifies the serial number of the inserted PKI token HSM, whose contents are to be securely copied (cloned) to another HSM. Use the token pki list command to get the token serial number. |
| -target <serial_number> | -t | Specifies the serial number of the inserted PKI token HSM, which is to receive the securely copied (cloned) contents of the source HSM. Use the token pki list command to get the token serial number. |
lunash:> token pki clone -source 700180 -target 700179
Please type "proceed" to continue, anything else to abort: proceed
Please enter the user challenge for source token:
Please enter the user challenge for target token:
Successfully cloned object 14 from source slot 5 to object 11 on target slot 4
Successfully cloned object 15 from source slot 5 to object 12 on target slot 4
Successfully cloned object 16 from source slot 5 to object 13 on target slot 4
Successfully cloned object 17 from source slot 5 to object 14 on target slot 4
Successfully cloned object 18 from source slot 5 to object 15 on target slot 4
Successfully cloned object 19 from source slot 5 to object 16 on target slot 4
Successfully cloned object 20 from source slot 5 to object 17 on target slot 4
Successfully cloned object 21 from source slot 5 to object 18 on target slot 4
Successfully cloned object 22 from source slot 5 to object 19 on target slot 4
Successfully cloned object 23 from source slot 5 to object 20 on target slot 4
Successfully cloned object 24 from source slot 5 to object 21 on target slot 4
Successfully cloned object 25 from source slot 5 to object 22 on target slot 4
Successfully cloned object 26 from source slot 5 to object 23 on target slot 4
Successfully cloned object 27 from source slot 5 to object 24 on target slot 4
Successfully cloned object 28 from source slot 5 to object 25 on target slot 4
Successfully cloned object 29 from source slot 5 to object 26 on target slot 4
Successfully cloned object 30 from source slot 5 to object 27 on target slot 4
Successfully cloned object 31 from source slot 5 to object 28 on target slot 4
Successfully cloned object 32 from source slot 5 to object 29 on target slot 4
Successfully cloned object 33 from source slot 5 to object 30 on target slot 4
Success cloning 20 objects from source slot 5 to destination slot 4
Success cloning token with serial num: 700180 to token with serial num: 700179!
Command Result : 0 (Success)