这篇文章已经过机器翻译.放弃
附录
示例命令及其输出:
运行脚本
root@ns# pwd
/var/safenet/config
root@ns# sh safenet_config
创建证书
root@ns# cd /var/safenet/safenet/lunaclient/bin
root@ns# ./vtl createcert -n 10.102.59.175
Private Key created and written to: /var/safenet/safenet/lunaclient/cert/client/10.102.59.175Key.pem
Certificate created and written to: /var/safenet/safenet/lunaclient/cert/client/10.102.59.175.pem
将证书复制到 HSM
root@ns# scp /var/safenet/safenet/lunaclient/cert/client/10.102.59.175.pem admin@10.217.2.7:
admin@10.217.2.7's password:
10.102.59.175.pem 100% 818 0.8KB/s 00:00
将证书和密钥从 HSM 复制到 NetScaler 设备
root@ns# scp admin@10.217.2.7:server.pem /var/Thales Luna/safenet/lunaclient/server.2.7.pem
admin@10.217.2.7's password:
server.pem 100% 1164 1.1KB/s 00:01
使用 SSH 连接到泰雷兹 Luna HSM
ssh admin@10.217.2.7
Connecting to 10.217.2.7:22...
Connection established.
To escape to local shell, press 'Ctrl+Alt+]'.
Last login: Thu Jun 23 02:20:29 2016 from 10.252.243.11
Luna SA 5.2.3-1 Command Line Shell - Copyright (c) 2001-2014 SafeNet, Inc. All rights reserved.
[Safenet1] lunash:>hsm login
Please enter the HSM Administrators' password:
> *******
'hsm login' successful.
Command Result : 0 (Success)
[Safenet1] lunash:>
在泰雷兹 Luna HSM 上注册 NetScaler
[Safenet1] lunash:>client register -client ns175 -ip 10.102.59.175
'client register' successful.
Command Result : 0 (Success)
[Safenet1] lunash:>
从分区列表中为客户端分配一个分区
[Safenet1] lunash:>client assignPartition -client ns175 -partition p2
'client assignPartition' successful.
Command Result : 0 (Success)
[Safenet1] lunash:>
在 NetScaler 上注册 HSM 及其证书
root@ns# ./vtl addserver -n 10.217.2.7 -c /var/safenet/safenet/lunaclient/server.2.7.pem
New server 10.217.2.7 successfully added to server list.
验证 ADC 和 HSM 之间的网络信任链接 (NTL) 连接
root@ns# ./vtl verify
The following Luna SA Slots/Partitions were found:
Slot Serial # Label
==== ================ =====
0 477877010 p2
保存配置
root@ns# cp /etc/Chrystoki.conf /var/safenet/config/
在引导时配置 Gateway 关守护进程的自动启动
touch /var/safenet/safenet_is_enrolled
本内容的正式版本为英文版。部分 Cloud Software Group 文档内容采用了机器翻译,仅供您参考。Cloud Software Group 无法控制机器翻译的内容,这些内容可能包含错误、不准确或不合适的语言。对于从英文原文翻译成任何其他语言的内容的准确性、可靠性、适用性或正确性,或者您的 Cloud Software Group 产品或服务沿用了任何机器翻译的内容,我们均不作任何明示或暗示的保证,并且适用的最终用户许可协议或服务条款或者与 Cloud Software Group 签订的任何其他协议(产品或服务与已进行机器翻译的任何文档保持一致)下的任何保证均不适用。对于因使用机器翻译的内容而引起的任何损害或问题,Cloud Software Group 不承担任何责任。
已复制!
失败!