client register
Add a client to the list of clients that can access the Luna appliance's NTLS. A client must be registered before you can assign partitions to it.
NOTE The client's certificate file can be used to perform the registration, but is not needed (see the -noCert option below) as of appliance software version 7.8.3. Certificates can be exchanged later. If -noCert is not used, then a certificate named for hostname or IP is expected.
NTLS always employs bilateral authentication thus the client certificate is definitely being used. What “-nocert” means is that the client certificate is not self-signed, thus only the CA certificates are required to be in the Luna Network HSM 7 appliance trust store.
User Privileges
Users with the following privileges can perform this command:
>Admin
>Operator
Syntax
client register -client <clientname> {-hostname <hostname> | -ip <IPaddress>} [-noCert] [-force]
Argument(s) | Shortcut | Description |
---|---|---|
-client <clientname> | -c | The new client's name. Choose any name, so long as it is less than 255 characters, and is unique among all clients on the Luna HSM appliance. The client name need not be the hostname of the client. |
-force | -f | Force the action without prompting. |
-hostname <hostname> | -h |
The hostname of the new client. Use this parameter if the client certificate (and server certificates) were created with hostnames. If the certificates were created with IP addresses, use the -ip parameter instead. |
-ip <IPaddress> | -i |
The IP address of the new client. Use this parameter if the client certificate (and server certificates) were created with IP addresses. If the certificates were created with hostnames, use the -hostname parameter instead. |
-noCert | -n | Register a client without requiring a certificate. (See NOTE above on this page.) |
Example
lunash:>client register -client 192.168.11.91 -ip 192.168.11.91 'client register' successful. Command Result : 0 (Success)