Supported Luna HSM Client Operating Systems
Luna HSM Client 7.2 and newer can be used with HSMs running Luna 6.2.1 or higher, or any Luna 7 version, without conflict. Luna HSM Client 7.2 and newer versions can coexist in large deployments. You can schedule client roll-outs at your convenience, without need to match versions across your organization. Future HSM features that do not have client-version dependencies will function without issue.
You can install the Luna HSM Client on the following operating systems:
| Operating System | Version | 64-bit applications on 64-bit OS |
32-bit applications on 64-bit OS |
32-bit applications on 32-bit OS | Secure Boot |
|---|---|---|---|---|---|
| Windows | 10 | Yes | 7.4.0 & older | No | 10.1.0 & newer |
| Windows Server Standard | 2019 | 10.1.0 & newer | No | No | 10.1.0 & newer |
| 2016 | Yes | 7.4.0 & older | No | 10.1.0 & newer | |
| 2012 R2 | Yes | 7.4.0 & older | No | No | |
| Windows Server Core | 2019 | 10.2.0 & newer | No | No | 10.1.0 & newer |
| 2016 | 10.2.0 & newer | No | No | 10.2.0 & newer | |
| Redhat-based Linux (including variants like CentOS and Oracle Enterprise Linux) |
8.0, 8.1 ( † ) | 10.2.0 & newer | No | No | No |
| 7 | Yes | 7.4.0 & older | 7.4.0 & older | No | |
| OpenSuse Linux (minimal client only) | 13 | 10.1.0 & newer | 7.4.0 & older | 7.4.0 & older | No |
| 12.4 | 10.1.0 & newer | 7.4.0 & older | 7.4.0 & older | No | |
| 11.4 | 10.1.0 & newer | 7.4.0 & older | 7.4.0 & older | No | |
| Ubuntu * | 18 | Yes | No | 7.4.0 & older | No |
| 14.04 | Yes | No | 7.4.0 & older | No |
† RHEL and CentOS 8.0 and 8.1 with their original kernels. For 8.2 and newer, if your current Linux kernel does not include the file dma_remapping.h, acquire it (from RHEL or CentOS 8.1 kernel version 4.18.0-147 or earlier ) and copy it into “/usr/src/kernels/4.18.0.193.28.1.el8_2.x86_64/include/linux/” in your current Client installation target.
* The Linux installer for Luna HSM Client software is compiled as .rpm packages. To install on a Debian-based distribution, such as Ubuntu, alien is used to convert the packages. We used build-essential:
apt-get install build-essential alien
If you are using a Docker container or another such microservice to install the Luna Minimal Client on Ubuntu, and your initial client installation was on another supported Linux distribution as listed above, you do not require alien. Refer to the product documentation for instructions. You might need to account for your particular system and any pre-existing dependencies for your other applications.
Server Compatibility
The Luna PCIe HSM conforms to the PCIe 2.0 standard, or higher, and requires a PCIe x4 or higher slot that conforms to PCIe 2.0 or higher. There are no known incompatible servers at this time.
NOTE Do not install the Luna PCIe HSM into a slot reserved for a dedicated function, such as video. If you do, the host system might not boot successfully.
Remote PEDserver
The PEDserver software is included with the Luna HSM Client software. You must install the Luna HSM Client, with the PEDserver option, on each workstation used to host a remote PED. The PEDserver software is supported on Windows and Linux (see Supported Luna HSM Client Operating Systems).
Supported Cryptographic APIs
Applications can perform cryptographic operations using the following APIs:
>PKCS#11 2.20
>JCA within Oracle Java 7*/8*/9/10/11
* Luna HSM Client 10.1 and newer requires the advanced version of Oracle Java 7/8.
>JCA within OpenJDK 7/8/9/10/11
>OpenSSL
>Microsoft CAPI
>Microsoft CNG
