Register Luna SA's certificate in the trust list on a client side.
- Download HSM appliance certificate and store it in /usr/safenet/lunaclient/cert/server/
- Add HSM appliance certificate to the trust list:
vtl addServer -n se-tug-hsm1.sunet.se -c /usr/safenet/lunaclient/cert/server/se-tug-hsm1.sunet.se.crt
Verify that the Luna SA server is in the list of servers trusted by the client.
Generate client certificate and send it to NUNOC to register client's certificate.
Procedure for client certificate creation is described in the section "HSM access" of the document "Production and test instances deployment guide".
Verify partition visibility to the client.
FaaS HSM-protected signing key
Create HA group with first partition as a primary partition
vtl haAdmin newgroup -serialNum 462371008 -label faasHAgroup -password <password>
Add a second partition to the HA group
vtl haAdmin addMember -group 1462371008 -serialNum 462344017 -password <password>
Configure Client to show only HA virtual slots
vtl haAdmin HAOnly -enable