Set the HSM Policies

SafeNet Luna HSMs are built on one of our general-purpose HSM platforms (hardware plus firmware), with a range of capabilities allowing them to be customized for specific use cases.

Some capabilities are static and cannot be changed.

Many HSM capabilities can be altered by means of HSM Policies, which coincide one-for-one with the capabilities that they alter.

You can view the current HSM capabilities and policies with the hsm showpolicies command:

You can change a current HSM policy in LunaSH with the hsm changepolicy command.

This section describes how to modify HSM Policies, and suggests some examples of changes best made before the HSM is further configured for use in your environment. Refer to the instructions for your HSM authentication type:

>Set HSM Policies (Password Authentication)

>Set HSM Policies - PED Authentication