CA Menu Functions

The CA menu provides the following functions:

# Function Description
(70) Set Domain

(Not for Luna HSM 7) 

(71) Clone Key

(Not for Luna HSM 7)

(72) Set MofN

(Not for Luna HSM 7)

(73) Generate MofN

(Not for Luna HSM 7) This option allows you to generate MofN authentication splits, or secret shares. You can generate up to 16 shares (N), and you can specify how many of these shares are needed (M) in order to activate the token (up to 16).

(74) Activate MofN

(Not for Luna HSM 7) This option allows you to authenticate yourself to the token using the MofN secret shares generated by option (73) Generate MofN. If MofN has been generated on a token, you must activate MofN on that token; otherwise you cannot perform any cryptographic operations with it.

(75) Generate Token Keys

(Not for Luna HSM 7) Some tokens support customer-loaded certificates used for key cloning. If your token supports this feature and you wish to use your own key cloning certificates (rather than the default certificates provided by Thales), the first step is to generate token keys.

NOTE: If you do this, you cannot clone to any other Luna CA tokens except those containing your own certificate.

(76) Get Token Cert

(Not for Luna HSM 7) This option is the next step in loading your own key cloning certificate onto the token. This action is done after option (75) Generate Token Keys.

(77) Sign Token Cert

(Not for Luna HSM 7) This option is the final step to load a customer key cloning certificate to the token. This step is done after options (75) Generate Token Keys and (76) Get Token Cert.

(78) Generate CertCo Cert

(Not for Luna HSM 7) Generate a special-purpose certificate for the CertCo application.

(79) Modify MofN

(Not for Luna HSM 7) Modifies the secret splitting vector on a token.

(86) Duplicate MofN Keys

(Not for Luna HSM 7) Create duplicates (copies) of all MofN secret splits.

(87) Deactivate MofN

Decache the MofN data.

(88) Get Token Certificates

Extract one of the following certificates from the HSM. You must supply the type and filename of the certificate you want to extract:

- Root certificate
- Hardware origin certificate
- ECC hardware origin certificate
- TWC (token wrapping certificate) version 1, 2, or 3
- CITS device authentication certificate

(112) Set Legacy Cloning Domain

This option associates the legacy cloning domain, taken from a legacy token, with the modern cloning domain attached to a current-model Luna HSM, to allow migration of token objects from legacy HSMs.