hsm stc identity delete

Delete the client identity from the STC admin channel identity token. The STC admin channel is local to the appliance, and is used to transmit data between the local services and applications running on the appliance (such as LunaSH, NTLS, and the STC service) and the HSM SO partition.

This command, in conjunction with hsm stc identity create, allows you to regenerate the token identity key pair if required for security reasons (for example, if the token is compromised) or for administrative reasons (for example, to perform a key rotation).

This command does the following, in the order specified:

1. Deletes the LunaSH STC client identity public key in the HSM SO partition.

2. Deletes the HSM SO partition identity.

3. Deletes the LunaSH STC client identity.

If any of the identities fail to be deleted, the command will report the failure but will continue to delete the client identity.

NOTE: To protect the integrity of any existing STC links, you cannot execute this command if HSM policy 39: Allow Secure Trusted Channel is enabled.

User Privileges

Users with the following privileges can perform this command:

- Admin

- Operator

Syntax

stc identity delete [-force]

Argument(s)   Shortcut   Description
-force        -f         Force the action without prompting.

Example

lunash:>stc identity delete
 
 
Are you sure you want to delete the client identity HsmClientId?
 
All registered HSM partitions will no longer be available to this client token.
 
          Type 'proceed' to continue, or 'quit'
          to quit now.
          > proceed
 
Successfully deleted client identity.
 
 
Command Result : 0 (Success)