Service
Services are applications that work with REST API to communicate and manipulate information for external elements, like a server connected through a network. The Service tab contains operations you may perform with the services you are using. The Defaults section running along the top contains the HSM and partition serial numbers you entered on the Login tab (see Service Tab showing an error on Raw IO). If you wish to use a different HSM or partition, change these values.
Figure 1: Service Tab showing an error on Raw IO
To perform a command:
1.Specify the HSM or partition you want to operate on by entering its serial number under Defaults.
2.Select the service you want to communicate with (NTLS, STC, etc.), or click the Services tab to use more general commands and settings.
3.Click on a command button to initiate its corresponding resource.
If the query is successful, the Raw IO tab at the bottom will turn green and show you a record of your request and its response. If you are using the Formatted IO tab to track your outputs, you only see the response values.
If you are unsuccessful, the Raw IO tab will turn red and return an error. The Formatted IO tab will fail to populate with defined values, returning an error.
Example
For example, to stop a service on your partition:
1.Type in the HSM and partition serial numbers under Defaults.
2.Select the Services tab.
3.Click Stop. A dialog box will appear.
4.Enter the service you wish to stop into the dialog box prompt and click Ok.
The tables below list each command button you see on the Service tab in the client. Each command has a short description of what it does as well as its corresponding resource. The resources can be input manually in the Custom IO tab if you become very familiar with them.
NOTE There are some calls that are not included as buttons in the client. They must be input manually in the Custom IO tab. A complete list of resources you can query with the REST API can be found in the REST API Command Reference documentation.
Commands are grouped by their corresponding service:
>NTLS
>STC
>DNS
>NTP
>SNMP
Services
The Services tab sets general preferences for any or all services with the REST API.
The table below defines each Services command and references its corresponding resource.
| Command | Function | Resource |
|---|---|---|
| List Services | Lists all services associated with the appliance. | GET /api/lunasa/services |
| Get Service | Gets information on a specified service. | GET /api/lunasa/services/{serviceid} |
| Set onBoot | Sets a specified service to be running on startup. | PUT /api/lunasa/services/{serviceid} |
| Start | Starts the named service. | POST /api/lunasa/services/{serviceid}/actions/start |
| Stop | Stops the named service. | POST /api/lunasa/services/{serviceid}/actions/stop |
| Restart | Restarts the named service. | POST /api/lunasa/services/{serviceid}/actions/restart |
NTLS
Network Trust Link Service (NTLS), guarantees a secure connection when transferring data over a network. It encrypts your data and uses two-way digital certificate authentication to protect sensitive information so that you can ensure the security of your proprietary information.
The table below defines each NTLS command and references its corresponding resource.
| Command | Function | Resource |
|---|---|---|
| List Clients | Lists all NTLS clients registered with the appliance. | GET /api/lunasa/ntls/clients |
| Register Client | Registers a client with the appliance. | POST /api/lunasa/ntls/clients |
| Assign Partition | Registers a client with a partition on the HSM. | POST /api/lunasa/ntls/clients/{clientid}/partitions |
| Delete Client | Deletes the specified client from the appliance. | DELETE /api/lunasa/ntls/clients/{clientid} |
| Get Server Cert | Gets the server-side certificate used by NTLS to establish connections with clients. | GET /api/lunasa/ntls/certificate |
| List Partitions | Lists all partitions registered to a specified client. | GET /api/lunasa/ntls/clients/{clientid}/partitions |
STC
Secure Trusted Channel (STC), guarantees privacy and security in user-to-HSM communications. STC uses encryption, message authentication codes, and mutual endpoint authentication to ensure that only those authorized to use the connection can do so, and that your messages remain protected.
The table below defines each STC command and references its corresponding resource.
| Command | Function | Resource |
|---|---|---|
| Register Stc Client | Registers a client identity for secure trusted communication with a specified partition. | POST /api/lunasa/hsms/{hsmid}/partitions/{partitionid}/stc/clients |
| List Stc Client | Lists all client identities associated with the secure trusted channel for the specified partition. | GET /api/lunasa/hsms/{hsmid}/partitions/{partitionid}/stc/clients |
| Export Partition | Exports the specified partition's public key to a file. | GET /api/lunasa/hsms/{hsmid}/partitions/{partitionid}/stc |
Network
The Network tab manages all your network devices and your connection to them.
The table below defines each Network command and references its corresponding resource.
| Command | Function | Resource |
|---|---|---|
| Network Info | Gets the network information associated with the appliance. | GET /api/lunasa/network |
| Set Network Info | Sets all base network configurations associated with the appliance. | PUT /api/lunasa/network |
| List Devices | Lists all network devices. | GET /api/lunasa/network/devices |
| Get Device | Gets information on the specified network device. | GET /api/lunasa/network/devices/{deviceid} |
| Get Device IP4 | Gets IP4 information on the specified network device. | GET /api/lunasa/network/devices/{deviceid}/ip4 |
| Change Device | Changes the network device in use. | PATCH /api/lunasa/network/ |
| Ping | Tests network connectivity to host. | POST /api/lunasa/network/actions/ping |
DNS
You manage your DNS, or Domain Name Server, in the DNS tab.
The table below defines each DNS command and references its corresponding resource.
| Command | Function | Resource |
|---|---|---|
| List nameSRVs | Lists currently registered name servers. | GET /api/lunasa/network/dns/nameServers |
| Create nameSRV | Creates a new name server. | POST /api/lunasa/network/dns/nameServers |
| Get nameSRV | Gets information on a specified name server. | GET /api/lunasa/network/dns/nameServers/{nameServerid} |
| Delete nameSRV | Deletes a name server entry. | DELETE /api/lunasa/network/dns/nameServers/{nameServerid} |
| List searchDOMs | Lists currently registered search domains. | GET /api/lunasa/network/dns/searchDomains |
| Create searchDOM | Creates a new search domain. | POST /api/lunasa/network/dns/searchDomains |
| Get searchDOM | Gets information on a specified search domain. | GET /api/lunasa/network/dns/searchDomains/{searchDomainid} |
| Delete searchDOM | Deletes a search domain entry. | DELETE /api/lunasa/network/dns/searchDomains/{searchDomainid} |
NTP
Network Time Protocol (NTP), provides connections to highly accurate time data servers so that your appliance can be synchronized. All devices can undergo gradual time drifts, and correcting these drifts with NTP is essential for applications to run smoothly.
The table below defines each NTP command and references its corresponding resource.
| Command | Function | Resource |
|---|---|---|
| Get NTP | Gets NTP configuration information. | GET /api/lunasa/ntp |
| List Servers | Lists current server resources. | GET /api/lunasa/ntp/servers |
| Add Server | Adds an NTP server. | POST /api/lunasa/ntp/servers |
| Delete Server | Deletes a server entry. | DELETE /api/lunasa/ntp/servers/{serverid} |
| Server Info | Gets information on a specified server. | GET /api/lunasa/ntp/servers/{serverid} |
| Get Status | Returns information on ntp time, max error, estimated error, and offset. | GET /api/lunasa/ntp/status |
| Synchronize | Synchronizes date and time with NTP. | POST /api/lunasa/ntp/actions/synchronize |
SNMP
Simple Network Management Protocol (SNMP), monitors a local HSM for changes in certain conditions that may cause problems. Traps can be put in place to respond to these condition changes and notify the appropriate personnel of errors in functioning.
The table below defines each SNMP command and references its corresponding resource.
| Command | Function | Resource |
|---|---|---|
| Get SNMP | Gets SNMP configuration information. | GET /api/lunasa/snmp |
| Trap Info | Gets SNMP trap configuration information. | GET /api/lunasa/snmp/trap |
| Configure Trap | Configures SNMP trap parameters. | PUT /api/lunasa/snmp/trap |
| Delete Trap | Clears SNMP configuration. | DELETE /api/lunasa/snmp/trap |
| List Users | Lists SNMP users. | GET /api/lunasa/snmp/users |
| Create User | Creates an SNMP user. | POST /api/lunasa/snmp/users |
| User Info | Gets configuration information of a specified user. | GET /api/lunasa/snmp/users/{userid} |
| Delete User | Deletes a user. | DELETE /api/lunasa/snmp/users/{userid} |
| List Notifications | Lists SNMP notifications for a specified user. | GET /api/lunasa/snmp/users/{userid}/notifications |
| Create Notification | Creates an SNMP user notification. | POST /api/lunasa/snmp/users/{userid}/notifications |
| Notification Info | Gets configuration information for a specified notification. | GET /api/lunasa/snmp/users/{userid}/notifications/{notificationid} |
| Delete Notification | Deletes a specified notification. | DELETE /api/lunasa/snmp/users/{userid}/notifications/{notificationid} |
Syslog
The table below defines each Syslog command and references its corresponding resource.
| Command | Function | Resource |
|---|---|---|
| List Backups | Lists stored syslog backups. | GET /api/lunasa/syslog/backups |
| Create Backup | Creates a syslog backup. | POST /api/lunasa/syslog/backups |
| Get Backup | Retrieves a syslog backup and deletes it after. | GET /api/lunasa/syslog/backups/{backupid} |
| Delete Backup | Deletes a specified syslog backup. | DELETE /api/lunasa/syslog/backups/{backupid} |
| List remoteHosts | Lists configured remote hosts. | GET /api/lunasa/syslog/remoteHosts |
| Create remoteHost | Creates a remote host entry. | POST /api/lunasa/syslog/remoteHosts |
| remoteHost Info | Gets information on a specified remote host. | GET /api/lunasa/syslog/remoteHosts/{remoteHostid} |
| Delete remoteHost | Deletes specified remote host entries. | DELETE /api/lunasa/syslog/remoteHosts/{remoteHostid} |
