Page tree

Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

  1. Register Luna SA's certificate in the trust list on a client side.

    - Download HSM appliance certificate and store it in  /usr/safenet/lunaclient/cert/server/

    - Add HSM appliance certificate to the trust list:

    No Format
    vtl addServer -n se-tug-hsm1.sunet.se -c /usr/safenet/lunaclient/cert/server/se-tug-hsm1.sunet.se.crt


  2. Verify that the Luna SA server is in the list of servers trusted by the client.

    No Format
    vtl listservers


  3. Generate client certificate and send it to NUNOC to register client's certificate.

    Info

    Procedure for client certificate creation is described in the section "HSM access" of the document "Production and test instances deployment guide".


  4. Verify partition visibility to the client.

    No Format
    vtl verify

 



FaaS HSM-protected signing key

...

  1. Create HA group with first partition as a primary partition

    No Format
    vtl haAdmin newgroup -serialNum 462371008 -label faasHAgroup -password <password>


  2. Add a second partition to the HA group

    No Format
    vtl haAdmin addMember -group 1462371008 -serialNum 462344017 -password <password>


  3. Configure Client to show only HA virtual slots

    No Format
    vtl haAdmin HAOnly -enable

 

 

 

 

 

 

 

 

 

...