cluster client enable

Enable certificate authentication for a client that has been registered to the cluster using a Certificate Signing Request (CSR). If certificate authentication is disabled, this client must authenticate using a LunaSH password. Only the specific role (monitor or a custom user with a monitor role) associated with the client can enable or disable it. See Certificate-Based monitor Role Authentication.

NOTE   Thales requires minimum Luna Appliance Software 7.8.5 with the lnh_cluster-1.0.4 package, Luna HSM Firmware 7.8.4, and Luna HSM Client 10.7.2 to use clusters in production environments.

REST API: PATCH /api/clusters/{clusterID}/clients/{clientID}

User Privileges

Users with the following privileges can perform this command:

>Monitor

Syntax

cluster client enable -clientid <string> [-force]

Argument(s) Shortcut Description
-clientid -c Specifies the ID of the client you want to enable.
-force -f Enable the client without prompting for confirmation.

Example

lunash:>cluster client enable -clientid 7ba8124c-05d3-412b-ac6b-fd2cbae6324a

WARNING !!  This operation will enable Client certificate authentication!!!
If you are sure that you wish to proceed, then type 'proceed', otherwise type 'quit'

> proceed
Proceeding...

Success

Command Result : 0 (Success)