apps hsm

Use the apps hsm command to configure a Hardware Security Module (HSM) appliance.

The apps hsm command has the following syntax:

apps hsm <alias <alias>>
   hsm-ip <HSM server IP address> hsm-port <port number> esn <HSM ESN string> kneti <HSM KNETI>

The following table describes the arguments for the apps hsm command:

Argument

Description

alias <alias> hsm-ip <HSM server IP address> hsm-port <port number> esn <HSM ESN string> kneti <HSM KNETI>

Configures an HSM appliance as follows ● alias—Specifies an alias of the HSM. ● hsm-ip—Specifies the IP address of the HSM server. Only IPv4 addresses are supported. ● hsm-port—Specifies the HSM port number. ● esn—Specifies the HSM Electronic Serial Number (ESN) for a given IP address. ● kneti—Specifies the HSM KNETI key for a given IP address. KNETI is a key hash exposed by each Entrust nShield HSM. Examples: (config) # apps hsm alias hsm1 hsm-ip 10.115.176.5 hsm-port 9004 esn FBC5-F777-2A93 kneti 30eab672d888d22eab811755d5938981ca5c8f18 (config) # apps hsm alias hsm2 hsm-ip 10.115.176.6 hsm-port 9004 esn 12EE-4B24-2FCE kneti cf9ad964faa9acdcbf0e725a76e77e212fd8345b Note:  Obtain the ESN and KNETI numbers from an HSM administrator. The following is from a HSM Remote File System (RFS): $ anonkneti 10.115.176.5 FBC5-F777-2A93 30eab672d888d22eab811755d5938981ca5c8f18 $ anonkneti 10.115.176.6 12EE-4B24-2FCE cf9ad964faa9acdcbf0e725a76e77e212fd8345b

Related Commands

The following table summarizes other commands related to the apps hsm command:

Task	Command
Displays a specified HSM.	# show apps hsm alias hsm1
Displays all HSM.	# show apps hsm all
Deletes a specified HSM.	(config) # no apps hsm alias hsm1
Deletes all HSM.	(config) # no apps hsm all