cluster client enable
Enable certificate authentication for a client that has been registered to the cluster using a Certificate Signing Request (CSR). If certificate authentication is disabled, this client must authenticate using a LunaSH password. Only the specific role (monitor or a custom user with a monitor role) associated with the client can enable or disable it. See Certificate-Based monitor Role Authentication.
NOTE Thales requires minimum Luna Appliance Software 7.8.5 with the lnh_cluster-1.0.4 package, Luna HSM Firmware 7.8.4, and Luna HSM Client 10.7.2 to use clusters in production environments.
REST API: PATCH /api/clusters/{clusterID}/clients/{clientID}
User Privileges
Users with the following privileges can perform this command:
>Monitor
Syntax
cluster client enable -clientid <string> [-force]
Argument(s) | Shortcut | Description |
---|---|---|
-clientid | -c | Specifies the ID of the client you want to enable. |
-force | -f | Enable the client without prompting for confirmation. |
Example
lunash:>cluster client enable -clientid 7ba8124c-05d3-412b-ac6b-fd2cbae6324a WARNING !! This operation will enable Client certificate authentication!!! If you are sure that you wish to proceed, then type 'proceed', otherwise type 'quit' > proceed Proceeding... Success Command Result : 0 (Success)