Configuring Proxies for a Luna Cloud HSM Service

You may need to configure a proxy to allow your client to connect to the Luna Cloud HSM service partition over your network. This document contains recommendations for configuring a client proxy for that connection.

See To configure a client proxy for your network for more information about configuring the client to connect to the Luna Cloud HSM service.

See To configure a client proxy for WinHTTP for more information about enabling the client on Windows operating systems to access and download certificate revocation lists (CRLs) for certificate validation from the Internet.

To configure a client proxy for your network

1. Follow the procedure for the Windows Interactive HSM Client Installation or the Linux HSM Client Installation on your system and complete Adding a Luna Cloud HSM Service.

or

Follow the procedure for Adding and Configuring a Client downloaded through Thales Data Protection on Demand.

2. Complete one of the following options to configure a client proxy for the Luna Cloud HSM service.

Option 1: Open the crystoki.ini (Windows) or Chrystoki.conf (Linux) configuration file and add the following to the REST section:

Linux

REST = {
ClientProxy = <proxy>:<port_number>;
}

Windows

[REST]
ClientProxy = <proxy>:<port_number>

CAUTION!   Do not change any other entries in the REST section.

Option 2: Set the HTTPS_PROXY environment variable to <proxy>:<port_number> or <ip_address>:<port_number>.

NOTE   Setting this environment variable will override any settings in the REST section of the crystoki.ini (Windows) or Chrystoki.conf (Linux) configuration file.

Option 3: Set the ClientProxy environment variable to <proxy>:<port_number> or <ip_address>:<port_number>.

NOTE   Setting this environment variable will override any settings in the REST section of the crystoki.ini (Windows) or Chrystoki.conf (Linux) configuration file or any existing HTTPS_PROXY environment variable.

3. Open a command prompt and start LunaCM. If the command executes with no errors, your connection is working correctly.
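The override order in the two notes above decides which proxy the client actually uses, so it is worth checking before starting LunaCM. The following Python script is an added example, not part of the Thales documentation or client software: it reads the ClientProxy entry from either file format shown above and reports which of the three settings takes effect and which are overridden. The function names, the sample host proxy.example.internal:3128 and the ExistingEntry key are assumptions made for the illustration.

```python
import configparser
import os
import re

# Constructed sample files; host, port and "ExistingEntry" are placeholders.
SAMPLE_CONF = ("REST = {\n  ExistingEntry = placeholder;\n"
               "  ClientProxy = proxy.example.internal:3128;\n}\n")
SAMPLE_INI = ("[REST]\nExistingEntry = placeholder\n"
              "ClientProxy = proxy.example.internal:3128\n")

def rest_proxy_linux(text):
    """Return ClientProxy from the REST = { ... } section of Chrystoki.conf text."""
    section = re.search(r"^\s*REST\s*=\s*\{(.*?)\}", text, re.S | re.M)
    if not section:
        return None
    entry = re.search(r"^\s*ClientProxy\s*=\s*([^;\s]+)\s*;", section.group(1), re.M)
    return entry.group(1) if entry else None

def rest_proxy_windows(text):
    """Return ClientProxy from the [REST] section of crystoki.ini text."""
    ini = configparser.ConfigParser(interpolation=None, strict=False)
    ini.optionxform = str  # keep key names exactly as written in the file
    ini.read_string(text)
    return ini.get("REST", "ClientProxy", fallback=None) or None

def effective_proxy(env, file_proxy):
    """Apply the documented override order; return (value, source, overridden)."""
    candidates = [
        ("ClientProxy environment variable", env.get("ClientProxy")),
        ("HTTPS_PROXY environment variable", env.get("HTTPS_PROXY")),
        ("REST section ClientProxy", file_proxy),
    ]
    present = [(source, value) for source, value in candidates if value]
    if not present:
        return None, None, []
    source, value = present[0]
    # Everything after the first hit is set but ignored by the client.
    return value, source, [lower for lower, _ in present[1:]]

if __name__ == "__main__":
    file_proxy = rest_proxy_linux(SAMPLE_CONF)
    value, source, overridden = effective_proxy(os.environ, file_proxy)
    print(f"effective proxy: {value} (from {source})")
    for ignored in overridden:
        print(f"set but overridden: {ignored}")
```

To check a deployed client, pass the text of the real crystoki.ini or Chrystoki.conf file instead of the constructed samples. A value reported as overridden means the client's traffic is not taking the route that setting describes.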

To configure a client proxy for WinHTTP

1. Open PowerShell and execute the following to display the current WinHTTP proxy configuration:

netsh winhttp show proxy

2. Complete one of the following options to configure a proxy for WinHTTP:

Option 1: Import the existing proxy configuration from WinINET.

netsh winhttp import proxy source=ie

Option 2: Manually add the proxy configuration.

netsh winhttp set proxy <proxy>:<port_number>

3. Open a command prompt and start LunaCM. If the command executes with no errors, your connection is working correctly.