search

Luna Cloud HSM

circle-info

To test or purchase the solution visit: Luna Cloud HSMarrow-up-right.

hashtag
Client download

  1. Access the services dashboard in Luna Cloud.

  2. When accessing the site or DPoD, in Services > Add Service, add the Luna Cloud HSM or Luna Cloud HSM for Java Code Signer.

  3. In Services > View Services, click the created service and add a client by clicking Create Service Client.

  4. When finished, a pop-up will appear with the download option for the client in the format .zip, download it.

  5. Send the file .zip to the server where the client will be installed.

hashtag
Client installation on the server

  1. Create a folder in usr and unzip the file .zip:

    cdir -p /usr/safenet/lunaclient
unzip setup-rangerkms1.zip -d /usr/safenet/lunaclient
cd /usr/safenet/lunaclient

  2. By default, the client comes with Windows files. Delete the following files:

    rm -f lch-support-win-64bit.exe
rm -f cvclient-min.zip

  3. Unpack the file .tar with the client for Linux in the same folder as the previous step:

    tar -xvf cvclient-min.tar

  4. Configure the environment variables by running the script setenv as follows:

    source ./setenv

  5. For better management, add the following commands to ~/.bashrc:

    cd /usr/safenet/lunaclient/
source setenv
cd ~/

export PATH=$PATH:/usr/safenet/lunaclient/bin/64/

hashtag
Partition initialization

  1. Run the lunacm:

    Output:

  2. Configure the slot active for the Luna Cloud partition that will be created:

    To list the slot:

    To configure the slot:

    Output:

  3. Initialize the partition service:

    During the wizard, provide the following information when prompted:

    • Enter password for Partition SO: Griaule.123

    • Enter the domain name: localhost

    Output:

  4. Perform the login with the security officer (po):

    Output:

  5. Initialize the crypto officer (co) and set the initial password:

    Output:

  6. Run the logout and login again:

    Output:

  7. Next, it is necessary to change the crypto officer password in the setupprocedure. Otherwise, it may error or the client may not function correctly:

circle-info

TIP The password can be changed to the same one, if necessary.

  1. Initialize the crypto user, by running the following command:

  2. Exit the lunacm by pressing Ctrl + C.

  3. To ensure everything is working correctly, run the following script:

Last updated

Was this helpful?