protocol ssl hsm server-cert import-cert
Configures a proxy certificate and corresponding private-key object on the HSM.
Syntax
protocol ssl hsm server-cert name <name> import-cert "<proxy-certificate-text>" key-slot <slot-number> [key-label <key-label>] [key-id <key-id>]
Parameters
<name> | Server certificate name. |
"<proxy-cert-text>" | Proxy certificate data in PEM format. Copy the text from the proxy certificate file here. |
key-slot <slot-number> | Specifies the slot number where the private key is placed on the HSM. You need to assign one slot on the HSM per server-side SteelHead. A slot is analogous to a partition on a disk. You need to assign a slot number on the HSM as part of the HSM configuration. See the SafeNet HSM documentation at: https://kb.safenet-inc.com/kb/link.jsp?id=DOW3161 |
key-label <key-label> | Specifies the key label. This label helps to identify the private key. |
key-id <key-id> | Specifies the key identifier. This identifier helps to identify the private key. |
Usage
Proxy certificates are stored on the server-side SteelHead and private keys are stored on the HSM. You configure commands on the server-side SteelHead to specify the location of the private-key objects on the HSM. You need to run these commands for each proxy certificate and key pair. The HSM contains multiple slots (partitions) and each slot can contain multiple objects.
Any SafeNet HSM client needs to know:
• Slot number on the HSM where the object is placed
• Slot pin for the slot
• Label or ID of the object for identification
Example
amnesiac (config) # protocol ssl hsm server-cert name rsa1024_cert import-cert "-----BEGIN CERTIFICATE..... --END CERTIFICATE-----" key-slot 1 key-label rsa1024_key
Product
SteelHead CX
Related Commands