vtl
The vtl (Virtual Token Library) command-line utility is installed with the SafeNet Luna HSM Client software. It is used to manage the relationship between your Client computer and one or more SafeNet appliances.
NOTE Many vtl functions have been moved to LunaCM. Thales recommends using LunaCM for client configuration wherever possible. See lunacm:>clientconfig for details.
Open a command prompt window or console, cd to the directory where you installed your client software, and run the vtl command (with the -h option, to see the available sub-commands).
These are the commands that you can use to manage the relationship between your SafeNet Luna HSM Client computer and one or more SafeNet appliances (either SafeNet Luna Network HSMs, or SafeNet Luna Backup HSM configured for remote backup). You must have Administrator privileges on the client computer. If you do not also have authority on the SafeNet appliance(s), then you need the co-operation of the person who holds that authority.
admin@mycomputer:~>vtl
usage: (select command -h for additional information)
NOTE You need to be Administrator (or equivalent) when running vtl commands that need to access /etc and /user (and the equivalents in Windows).
Subcommands
| Subcommand | Description |
|---|---|
| addServer |
Add a server to the client's list of trusted HSM servers (you need to have already imported the server certificate from each HSM that you wish to add). See vtl addServer. |
| cklogsupport | Enable or disable CKLOG support. See vtl cklogsupport. |
| deleteServer | Remove a server/host from the client's list of trusted HSM servers. See vtl deleteServer. |
| replaceServer | Replace a named server/host from the client's list of trusted HSM servers with a new named server/host. See vtl replaceServer. |
| listServers | Display a list of HSM servers trusted by this client. See vtl listServers. |
| createCert | Create (or re-create) the client's certificate and private key used for NTLS (Network Trust Link Service). See vtl createCert. |
| listSlots |
List all PKCS#11 cryptographic device slots that can be seen at this time. See vtl listSlots. |
| verify | Verify the visible HSM slots or partitions. See vtl verify. |
| fingerprint | Display the fingerprint of a specified certificate. See vtl fingerprint. |
| examineCert | Display details of a specified certificate. See vtl examineCert. |
| supportInfo | Create a support information file, when one is requested by Thales Customer Support. See vtl supportInfo. |
| logging | Configure logging for Windows computers. See vtl logging. |
