NOTE This feature requires minimum Luna HSM Client 7.2.0.

If SELinux is enabled in Enforcing mode, you must assign proper permissions to any container that needs to access the config directory.

This example is based on CentOS 7; other operating systems might require adjustments to the commands and to the docker file.

To install the Luna Minimal Client software on a Linux 64-bit Docker instance:

1. Create a directory. The name is not important, only that you use it consistently.

2. Create the following subdirectories under that first directory:

$HOME/luna-docker/config

Additionally, if you are configuring STC:

$HOME/luna-docker/config/stc/client_identities
$HOME/luna-docker/config/stc/partition_identities
$HOME/luna-docker/config/stc/token/001/token.db
$HOME/luna-docker/config/stc/token/001/token_v2.db

The contents of the config directory are needed by the Docker containers.

3. Copy the Luna Minimal Client tarball to $HOME/luna-docker.

> tar -xf $HOME/luna-docker/LunaClient-Minimal. x86_64.tar -C $HOME/luna-docker

5. Copy the nf file from the Minimal Client directory to $HOME/luna-docker/config.

> cp $HOME/luna-docker/LunaClient-Minimal. x86_64/nf $HOME/luna-docker/config/nf

6. Define the following environment variable:

> export ChrystokiConfigurationPath=$HOME/luna-docker/config

7. If you choose to use STC, review the Luna Network HSM documentation and modify the following instructions. The goal is to have an HSM partition created and registered with the full Luna HSM Client before you create the Docker image and containers.

8. Update the nf file paths so the tools work as expected:

> MIN_CLIENT_DIR=$HOME/luna-docker/LunaClient-Minimal.
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s Chrystoki2 -e LibUNIX -v $MIN_CLIENT_DIR/libs/64/libCryptoki2.so
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s Chrystoki2 -e LibUNIX64 -v $MIN_CLIENT_DIR/libs/64/libCryptoki2_64.so
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s Misc -e ToolsDir -v $MIN_CLIENT_DIR/bin/64
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s "LunaSA Client" -e SSLConfigFile -v $MIN_CLIENT_DIR/openssl.cnf
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s "LunaSA Client" -e ClientPrivKeyFile -v $HOME/luna-docker/config/certs/dockerlunaclientKey.pem
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s "LunaSA Client" -e ClientCertFile -v $HOME/luna-docker/config/certs/dockerlunaclient.pem
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s "LunaSA Client" -e ServerCAFile -v $HOME/luna-docker/config/certs/CAFile.pem
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s "Secure Trusted Channel" -e ClientTokenLib -v $MIN_CLIENT_DIR/libs/64/libSoftToken.so
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s "Secure Trusted Channel" -e SoftTokenDir -v $HOME/luna-docker/config/stc/token
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s "Secure Trusted Channel" -e ClientIdentitiesDir -v $HOME/luna-docker/config/stc/client_identities
> $MIN_CLIENT_DIR/bin/64/configurator setValue -s "Secure Trusted Channel" -e PartitionIdentitiesDir -v $HOME/luna-docker/config/stc/partition_identities

9. Create a Luna HSM Client certificate for the Docker containers.
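A check worth running once the `configurator setValue` commands and the client certificate step are done, before the config directory is handed to containers: the added script below (not part of the vendor documentation) lists every absolute path in the client config file, reports paths that do not exist, and flags a `ClientPrivKeyFile` that group or other users can access. It assumes the config file uses the `Section = { Key = value; }` layout; the function names and the sample tree built by `make_sample` are constructed for illustration.

```shell
#!/bin/sh
# Added example, not vendor code. Assumes the client config file uses the
# "Section = { Key = value; }" layout; all sample paths below are constructed.

# Print "section<TAB>key<TAB>value" for every entry whose value is an absolute path.
list_conf_paths() {
    awk '
        /=[ \t]*[{]/ { sec = $0; sub(/[ \t]*=.*/, "", sec); sub(/^[ \t]+/, "", sec); next }
        /^[ \t]*[}]/ { sec = ""; next }
        /=/ {
            key = $0; sub(/[ \t]*=.*/, "", key); sub(/^[ \t]+/, "", key)
            val = $0; sub(/^[^=]*=[ \t]*/, "", val); sub(/[ \t]*;[ \t]*$/, "", val)
            if (val ~ /^\//) printf "%s\t%s\t%s\n", (sec == "" ? "-" : sec), key, val
        }' "$1"
}

# True when group and other have no access to the file (for example mode 600).
is_owner_only() {
    [ "$(ls -ld "$1" | cut -c5-10)" = "------" ]
}

# Report stale paths and a loosely protected client key; return the finding count.
audit_conf() {
    findings=0
    tab=$(printf '\t')
    while IFS="$tab" read -r sec key path; do
        [ -n "$path" ] || continue
        if [ ! -e "$path" ]; then
            echo "MISSING  [$sec] $key -> $path"
            findings=$((findings + 1))
        elif [ "$key" = "ClientPrivKeyFile" ] && ! is_owner_only "$path"; then
            echo "KEY-MODE [$sec] $key -> $path is accessible to group/other"
            findings=$((findings + 1))
        fi
    done <<EOF
$(list_conf_paths "$1")
EOF
    return "$findings"
}

# Constructed sample: one valid library path, one stale path, one key with mode 644.
make_sample() {
    d=$(mktemp -d) && mkdir -p "$d/libs/64" "$d/certs" || return 1
    : > "$d/libs/64/libCryptoki2_64.so"
    : > "$d/certs/dockerlunaclientKey.pem" && chmod 644 "$d/certs/dockerlunaclientKey.pem"
    printf 'Chrystoki2 = {\n  LibUNIX64 = %s/libs/64/libCryptoki2_64.so;\n}\n' "$d" > "$d/sample.conf"
    printf 'LunaSA Client = {\n  ReceiveTimeout = 20000;\n  SSLConfigFile = %s/openssl.cnf;\n  ClientPrivKeyFile = %s/certs/dockerlunaclientKey.pem;\n}\n' "$d" "$d" >> "$d/sample.conf"
    echo "$d/sample.conf"
}
```

Source the file and call `audit_conf` with the path of the config file copied into `$HOME/luna-docker/config`; a return status of 0 means every configured path resolved and the key file is owner-only.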