nethsmenroll
nethsmenroll [OPTIONS] NETHSM-IP [ESN HKNETI]As an alternative to hand-editing a client’s hardserver configuration file, you can run nethsmenroll on a client to configure it to access an nShield HSM.
For example:
-
Enroll an HSM, without needing to restart the hardserver
-
Unenroll an HSM (
nethsmenroll -r), then restart the hardserver to update the information about the HSM estate
A network-attached HSM for this kind of configuration file editing can be either an nShield Connect or nShield 5c, or a remote hardserver that has been configured to export a local HSM. If the network-attached HSM’s ESN and HKNETI are not specified, attempts to contact the HSM to determine them and requests confirmation. ESN and HKNETI must be specified if the HSM is a remote hardserver with more than one HSM.
For more information, see:
| Option | Description | ||
|---|---|---|---|
|
Forces reconfiguration of an already known HSM. |
||
|
Specifies the |
||
|
Does not request confirmation when automatically determining the nethsm’s ESN and HKNETI.
|
||
|
Causes the hardserver to request a privileged connection to the HSM. |
||
|
Specifies the port to use when connecting to the HSM. |
||
|
Deconfigures the HSM. |
||
|
When the ESN and HKNETI have been provided on the command line, verifies that the HSM is alive, reachable and matches those details. |
||
Option to address HSMs |
|||
|
Specifies the number of the module whose hardserver configuration file to use. |
||
Help options |
|||
|
Displays help for |
||
|
Displays a brief usage summary for |
||
|
Displays the version number of the Security World Software that deploys |
||