Upgrading HSM Capabilities

A Secure Capability Upgrade for Luna PCIe HSM is delivered to you as a downloaded file set. Follow the FTP instructions in the email you received from Thales Technical Support and unzip the files to the host workstation. The update procedure is similar to the procedure for firmware updates.

NOTE   On some Windows configurations, you might not have authority to copy or unzip files directly into C:\Program Files\.... If this is the case, put the files in a known location that you can reference in a LunaCM command.

You require:

>the Luna PCIe HSM capability upgrade file (<filename>.cuf)

>the capability update authentication code file (<filename>.txt)

Installing the Capability Upgrade

Once the files are unpacked and available on the host workstation, open a command-prompt session.

To install the upgrade package

1.Navigate to the Luna HSM Client directory and launch LunaCM.

2.Log in as HSM SO.

lunacm:> role login -name so

3.Apply the new capability by specifying the upgrade file and the file containing the authorization code. If the files are not located in the Luna Network HSM Client directory, specify the filepaths.

lunacm:> hsm updatecap -cuf <upgrade_file> -authcode <authcode_file>

4.Check that the new capability is in place.

lunacm:> hsm showpolicies