clientconfig deploy

Creates a Network Trust Link between the client and a Luna Network HSM 7 appliance. This command creates a client Private Key and Certificate, and uses pscp or scp to transfer the client and server certificates to each other.

NOTE If pscp or scp is blocked by a firewall, this command will fail and the certificates must be transferred by other secure means and registered manually.

Syntax

clientconfig deploy -server <server_IP> -client <client_IP> -partition <partition_name> [-password <password>] [-hsmPassword <HSMSO_password>] [-user <username>] [-regen] [-verbose] [-force]

Argument(s)	Shortcut	Description
-client <client_IP>	-c	The client hostname or IP.
-hsmPassword <HSMSO_password>	-hsmpw	The HSM SO password. This option is required only if HSM SO login enforcement is enabled on Luna Network HSM 7.
-force	-f	Force the action without prompting for confirmation.
-partition <partition_name>	-par	The name of the partition to be assigned to the client. This partition must be created in advance using LunaSH.
-password <password>	-pw	Password of the Luna Network HSM appliance’s admin-capable user that is running this command. Default is admin, or can be a custom-defined user having requisite admin privileges.
-regen	-rg	Including this option will regenerate and replace any current client certificate with the default 2048-bit RSA certificate. This may disrupt connections to other Luna Network HSM 7 servers. If you need your client to use larger RSA keysizes, then generate via the vtl utility instead.
-server <server_IP>	-n	The server hostname or IP.
-verbose	-v	Show more detailed logs during the procedure.
-user <username>	-ur	Username of the Luna Network HSM appliance user running this command – can be admin or can be a custom user with admin privileges, if you have created one for the target appliance. Default: admin

Example

lunacm:> clientconfig deploy -server 192.20.11.78 -client 192.20.11.129 -partition par1 -password myuserpin2 -user admin
Please wait while we set up the connection to the HSM. This may take several minutes...

Last login: Wed Feb 22 10:06:59 2020 from 192.20.11.129

Luna Network HSM 7.7.0 Command Line Shell - Copyright (c) 2001-2020 SafeNet, Inc. All rights reserved.


Private Key created and written to: C:\Program Files\SafeNet\LunaClient\cert\client\192.20.11.129Key.pem
Certificate created and written to: C:\Program Files\SafeNet\LunaClient\cert\client\192.20.11.129.pem



New server 192.20.11.78 successfully added to server list.



The following Luna Network HSM Slots/Partitions were found:


Slot    Serial #                Label
====    ================        =====
   0       1238700701510        par0
   1        154438865312


Command Result : No Error



	SUPPORT	LEGAL
Luna USB HSM 7 Documentation © Copyright 2001-2024, Thales Group Last Updated: 2024-10-22 10:41:19 GMT-04:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information