Registering the appliance as a client in the SafeNet Luna SA HSM

Configure the Luna SA HSM to allow the appliance to access the required partitions.

Before you begin

After you create an SSL certificate database on the appliance for the HSM, the appliance generates a certificate and transfers it to the HSM. Before you start these steps, check if the certificate exists on the HSM.

The IP address that the appliance uses to communicate with the HSM is required to complete these steps. This IP address can be found on the Details tab of the certificate database on the appliance.

Note: Configure only one client on a single HSM for the appliance, regardless of how many certificate databases are created for that HSM.

Procedure

  1. Use SSH to access the Luna SA HSM as admin.
  2. Run the following command: 
    client register -client <client_name> -hostname <client_ip>

    where client_name is a name that represents the appliance and client_ip is the IP address that is listed on the Details tab.

  3. Run the following command: 
    client assignPartition -client <client_name> -partition <partition_name>

    where client_name is the name that is used in the previous step and partition_name is the partition against which the SSL Certificate database was configured.

Parent topic: Configuring network Hardware Security Module (HSM) support