Your suggested change has been received. Thank you.

close
Thales Logo

All

  • All
  • CipherTrust Manager
  • CipherTrust Application Data Protection (CADP)
  • CipherTrust Application Key Management (CAKM)
  • CipherTrust Batch Data Transformation (BDT)
  • CipherTrust Cloud Key Management (CCKM)
  • CipherTrust Data Discovery and Classification (DDC)
  • CipherTrust Data Protection Gateway (DPG)
  • CipherTrust Database Protection (CDP)
  • CipherTrust Intelligent Protection (CIP)
  • CipherTrust Integrations
  • CipherTrust Migrations
  • CipherTrust RESTful Data Protection (CRDP)
  • CipherTrust Transparent Encryption (CTE)
  • CipherTrust Transparent Encryption Userspace (CTE-U)
  • CipherTrust Secrets Management (CSM)
  • CipherTrust Vaulted Tokenization (CTE-V)
  • CipherTrust Vaultless Tokenization (CT-VL)
  • CTE-Linux
  • CTE-Windows
  • CTE-AIX
  • CTE-K8s
  • CTE-U
  • Data Protection on Demand
  • Luna Cloud HSM
  • Luna Network HSM
  • Luna PCIe HSM
  • Luna USB HSM
  • OneWelcome Identity Platform
  • ProtectApp LUKS
  • ProtectServer 2 HSM
  • ProtectServer 3 HSM
  • SafeNet Trusted Access (STA)
  • SafeNet MobilePASS+
  • SafeNet MobilePASS+ for Android
  • SafeNet MobilePASS+ for Chrome
  • SafeNet MobilePASS+ for macOS
  • SafeNet MobilePASS+ for iOS
  • SafeNet MobilePASS+ for WatchOS
  • SafeNet MobilePASS+ for Widows
  • SafeNet Synchronization Agent
  • SafeNet Logging Agent
  • SafeNet Agent for FreeRADIUS
  • SafeNet Agent for NPS
  • SafeNet Agent for Windows Logon
  • SafeNet Authentication Service Private Cloud Edition (SAS PCE)
  • SafeNet Remote Logging Agent
  • SafeNet Keycloak Agent
  • SafeNet IDPrime Virtual (IDPV)
  • SafeNet FIDO Key Manager
  • SafeNet FIDO Key Manager for Android
  • SafeNet FIDO Key Manager for iOS
  • SafeNet FIDO Key Manager for Windows
back

Administration Utility (gCTAdmin) reference

Slot and token management

search
printsuggest an edit

Slot and token management

copy link to clipboardCreating slots

To create slots on the HSM, select File > Create Slot, or select Create Slots on the toolbar. A dialog will prompt for the number of slots to be created.

gCTAdmin Creating Slots

Note

It is not possible to add slots using gCTAdmin while other ProtectToolkit-C applications are running.

copy link to clipboardRemoving slots

Before removing slots from ProtectToolkit-C, ensure that the contained token and objects are not in use.

copy link to clipboardTo remove a slot

Select File > Delete Slots. A list of available slots is displayed. Select the slot to delete from the list and select the Delete button.

gCTAdmin Deleting Slots

Note

The slot containing the Admin Token cannot be deleted.

copy link to clipboardInitializing a token

The initialization of a token is performed to set the user and token SO PIN. For more information about PINs, including details of what constitutes a valid PIN, refer to PINs and passwords.

copy link to clipboardTo initialize a token

  1. Select Edit > Tokens… from the menu to open the Manage Tokens dialog.

    gCTAdmin Manage Tokens

  2. Select an uninitialized token from the slot drop-down box.

  3. Select Initialize.

    The Initialise Token dialog will prompt for the token label, SO PIN, and User PIN.

    gCTAdmin Initialize Token

    Note

    PINs have to be entered twice to confirm correct entry.

    If you intend to operate the ProtectServer 3 HSM with firmware 7.03.00 in FIPS Mode, set a PIN that is 8 to 32 characters-long.

    The User PIN will not be required until an application requires storage on that slot.

  4. Select Done to exit the Manage Tokens dialog.

copy link to clipboardSetting the Token User PIN

copy link to clipboardTo set the Token User PIN

  1. Select Edit > Tokens...

  2. Select an initialized token from the slot drop-down box, then select User PIN. If the selected token does not have a current User PIN, the dialog will prompt for the SO PIN in order to authorize the creation of the new User PIN. For more information about PINs, including details of what constitutes a valid PIN, refer to PINs and passwords.

    If the selected token already has a User PIN assigned, the dialog will prompt for the current and new User PIN to be entered.

    gCTAdmin Change User PIN

    Note

    PINs have to be entered twice to confirm correct entry.

  3. Select Done to exit the Manage Tokens dialog.

copy link to clipboardSetting the Token SO PIN

  1. To set a token SO PIN, select Edit > Tokens….

  2. Select an initialized token from the slot drop-down box, then select SO PIN. The dialog will prompt for the current and new SO PIN to be entered. For more information about PINs, including details of what constitutes a valid PIN, refer to PINs and passwords.

    gCTAdmin Change SO PIN

    Note

    PINs have to be entered twice to confirm correct entry.

  3. Select Done to exit the Manage Tokens dialog.

copy link to clipboardResetting a token

A token reset can only be done to initialized tokens. Admin tokens cannot be reset and any attempt to do so will display a warning.

Note

Resetting a token will erase all objects and user data on that token and set a new user PIN.

copy link to clipboardTo reset a token

  1. Select an initialized token from the slot drop-down box, and then select Reset and enter the token SO PIN to open the Initialize Token dialog.

  2. Enter a token label, SO PIN and User PIN. A token is considered initialized after entry of the SO PIN. The User PIN does not have to be set until an application requires storage on that slot. For more information about PINs, including details of what constitutes a valid PIN, refer to PINs and passwords.

    Note

    PINs have to be entered twice to confirm correct entry.

  3. Select Done to exit the Manage Tokens dialog.

On this page