hagroup synchronize
Synchronize an HA group or enable/disable key synchronization for key export applications.
Syntax
hagroup synchronize -group <label_or_serialnum> [-password <password>] [-enable | -disable]
Argument(s) | Shortcut | Description |
---|---|---|
-disable | -d |
Disable synchronization for this HA group. This option allows you to disable synchronization on HA groups that use HSMs configured for key export (KE) to wrap asymmetric private RSA keys. In this model, you create your symmetric wrapping keys, which are synchronized to each member of the HA group. After synchronizing the symmetric wrapping keys, you disable synchronization and begin creating your asymmetric RSA keys. If one of the HA members fails, the remaining members are still able to generate and wrap asymmetric private RSA keys using the synchronized symmetric wrapping key. |
-enable | -e | Enable synchronization for this HA group. Synchronization is enabled by default. You require this setting only if you wish to re-enable synchronization on an HA group where synchronization was previously disabled. For example, to create and synchronize a new symmetric wrapping key. |
-group <label_or_serialnum> | -g | Label or serial number for the HA group being synchronized. |
-password <password> | -p | Password for the group. |
Example
lunacm:> hagroup synchronize -group myHAgroup
Enter the password: ********
Synchronization completed.
Command Result : No Error
lunacm:> hagroup synchronize -group myHAgroup -disable
HA synchronization disabled
No synchronization performed/needed.
Command Result : No Error