clientconfig deploy

Creates a Network Trust Link between the client and a SafeNet Luna PCIe HSM appliance. This command creates a client Private Key and Certificate, and uses scp or pscp to transfer the client and server certificates to each other.

NOTE   If scp or pscp is blocked by a firewall, this command will fail and the certificates must be transferred by other secure means and registered manually.

Syntax

clientconfig deploy -server <server_IP> -client <client_IP> -partition <partition_name> [-password <password>] [-user <username>] [-regen] [-verbose] [-force]

Option Shortcut Description

-client <client_IP>

-c The client hostname or IP.
-force -f Force the action without prompting for confirmation.

-partition <partition_name>

-par The name of the partition to be assigned to the client. This partition must be created in advance using LunaSH.

-password <password>

-pw The appliance administrator's password. If this option is not included, you will be prompted for the password. Passwords entered at the prompt are hidden.

-regen

-rg Including this option will regenerate and replace the client certificate. This may disrupt connections to other SafeNet Luna PCIe HSM servers.

-server <server_IP>

-n The server hostname or IP.

-verbose

-v Show more detailed logs during the procedure.

-user <username>

-ur

The appliance administrator's username.

Default: admin

Example

lunacm:> clientconfig deploy -server 192.20.11.78 -client 192.20.11.129 -partition par1
Please wait...
 
Using username "admin".
Please enter appliance admin role user's password:
Last login: Wed Feb 22 10:06:59 2017 from 192.20.11.129
 
Luna SA 7.0.0 Command Line Shell - Copyright (c) 2001-2017 SafeNet, Inc. All rights reserved.
 
 
Private Key created and written to: C:\Program Files\SafeNet\LunaClient\cert\client\192.20.11.129Key.pem
Certificate created and written to: C:\Program Files\SafeNet\LunaClient\cert\client\192.20.11.129.pem
 
 
 
New server 192.20.11.78 successfully added to server list.
 
 
 
The following Luna SA Slots/Partitions were found:
 
Slot    Serial #                Label
====    ================        =====
   0       1238700701510        par0
   1        154438865312
 
 
Command Result : No Error