clientconfig deploy
Creates a Network Trust Link between the client and a SafeNet Luna PCIe HSM appliance. This command creates a client Private Key and Certificate, and uses scp or pscp to transfer the client and server certificates to each other.
NOTE If scp or pscp is blocked by a firewall, this command will fail and the certificates must be transferred by other secure means and registered manually.
Syntax
clientconfig deploy -server <server_IP> -client <client_IP> -partition <partition_name> [-password <password>] [-user <username>] [-regen] [-verbose] [-force]
Argument(s) | Shortcut | Description |
---|---|---|
-client <client_IP> |
-c | The client hostname or IP. |
-force | -f | Force the action without prompting for confirmation. |
-partition <partition_name> |
-par | The name of the partition to be assigned to the client. This partition must be created in advance using LunaSH. |
-password <password> |
-pw | The appliance administrator's password. If this option is not included, you will be prompted for the password. Passwords entered at the prompt are hidden. |
-regen |
-rg | Including this option will regenerate and replace the client certificate. This may disrupt connections to other SafeNet Luna PCIe HSM servers. |
-server <server_IP> |
-n | The server hostname or IP. |
-verbose |
-v | Show more detailed logs during the procedure. |
-user <username> |
-ur |
The appliance administrator's username. Default: admin |
Example
lunacm:> clientconfig deploy -server 192.20.11.78 -client 192.20.11.129 -partition par1 -password userpin2 -user admin
Please wait while we set up the connection to the HSM. This may take several minutes...
Last login: Wed Feb 22 10:06:59 2017 from 192.20.11.129
Luna SA 7.0.0 Command Line Shell - Copyright (c) 2001-2017 SafeNet, Inc. All rights reserved.
Private Key created and written to: C:\Program Files\SafeNet\LunaClient\cert\client\192.20.11.129Key.pem
Certificate created and written to: C:\Program Files\SafeNet\LunaClient\cert\client\192.20.11.129.pem
New server 192.20.11.78 successfully added to server list.
The following Luna SA Slots/Partitions were found:
Slot Serial # Label
==== ================ =====
0 1238700701510 par0
1 154438865312
Command Result : No Error