hsm stc identity delete

Delete the client identity from the STC admin channel identity token. The STC admin channel is local to the appliance, and is used to transmit data between the local services and applications running on the appliance (such as LunaSH, NTLS, and the STC service) and the HSM SO partition.

NOTE   The STC admin channel is configurable using Luna Appliance Software 7.4.0 and older, and Luna HSM Firmware 7.4.2 and older. This feature is not available in Luna HSM Firmware 7.7.0 and newer.

This command, in conjunction with hsm stc identity create, allows you to regenerate the token identity key pair if required for security reasons (for example, if the token is compromised) or for administrative reasons (for example, to perform a key rotation).

This command does the following, in the order specified:

1. Deletes the LunaSH STC client identity public key in the HSM SO partition.

2. Deletes the HSM SO partition identity.

3. Deletes the LunaSH STC client identity.

If any of the identities fail to be deleted, the command will report the failure but will continue to delete the client identity.

NOTE   To protect the integrity of any existing STC links, you cannot execute this command if HSM policy 39: Allow Secure Trusted Channel is enabled.

User Privileges

Users with the following privileges can perform this command:

- Admin

- Operator

Syntax

stc identity delete [-force]

Argument(s)   Shortcut   Description
-force        -f         Force the action without prompting.

Example

lunash:>stc identity delete

Are you sure you want to delete the client identity HsmClientId?

All registered HSM partitions will no longer be available to this client token.

          Type 'proceed' to continue, or 'quit'
          to quit now.
          > proceed

Successfully deleted client identity.

Command Result : 0 (Success)