Rolling Back the Luna Backup HSM (G7) Firmware

When you update the Luna Backup HSM (G7) firmware, the previous version of the firmware is stored in reserve on the HSM. If required, you can use the following procedure to roll back the HSM firmware to the previous version. Firmware rollback must be initiated using LunaCM; the Backup HSM must be connected to a Luna HSM Client workstation.

CAUTION!   Firmware rollback is destructive; earlier firmware versions might have older mechanisms and security vulnerabilities that a new version does not. Ensure that you do not have any important backups stored on the HSM before you proceed. This procedure zeroizes the HSM and all backups are erased.

Prerequisites

>Connect the Luna Backup HSM (G7) to a Luna HSM Client workstation.

To roll back the Luna Backup HSM (G7) firmware to the previous version

1.At the LunaCM prompt, set the active slot to the Backup HSM.

lunacm:> slot set -slot <slot_number>

2.Check the previous firmware version that is available on the HSM.

lunacm:> hsm showinfo

3.[PED-Authenticated] If you are rolling back a PED-authenticated Backup HSM, connect to the Remote PED server.

lunacm:> ped connect [-ip <IP_address>] [-port <port#>]

4.Log in as HSM SO.

lunacm:> role login -name so

5.Roll back the Backup HSM firmware.

lunacm:> hsm rollbackfw