Checks the HSM connectivity.
evactl check hsm [-l <level>] [-p <pin>] [-v <vendor>] [-t <token>]For example:
$ sudo evactl check hsmStarting PKCS #11 Manager...               Done        Slot Id ->              0        Label ->                pking203        Serial Number ->        1433959427612        Model ->                LunaSA 7.2.0        Firmware Version ->     7.0.3        Configuration ->        Luna User Partition With SO (PED) Signing With Cloning Mode        Slot Description ->     Net Token Slot        FM HW Status ->         FM Ready        Slot Id ->              1        Label ->                pking202        Serial Number ->        1433964084224        Model ->                LunaSA 7.2.0        Firmware Version ->     7.0.3        Configuration ->        Luna User Partition With SO (PED) Signing With Cloning Mode        Slot Description ->     Net Token Slot        FM HW Status ->         FM Ready        Current Slot Id: 0Passing HSM checks...                      DoneSee below for a description of each option.
-l <level>
Debug the nShield HSM with the <level> level, where <level> is a CKNFAST_DEBUG variable level. When not using a nShield HSM, the command ignores this option.
See the nShield documentation for details on the CKNFAST_DEBUG configuration parameter.
Mandatory: No. This optional parameter defaults to 0.
-p <pin>
Authenticate in the HSM with the <pin> PIN.
Mandatory: No. When omitting this option, the command looks for the PIN in the application secrets. If not found, prompts the user for the PIN.
-v <vendor>
Use the <vendor> security module. See the following table for the supported values.
| Vendor | Security module | 
|---|---|
| none | Built-in software PKCS #11 module. | 
| nshield | nShield HSM. See HSM requirements for the supported models. | 
| thales | Thales HSM. See HSM requirements for the supported models. | 
It is recommended to select a Hardware Security Module (HSM).
Mandatory: No. When omitting this option, the command assumes the value of the Vendor configuration parameter.
The command will raise an error if you omit this option and the configuration is not loaded.
-t <token>
Select the HSM token with the <token> label.
Mandatory: No. When omitting this option, the command uses the value of the Token label configuration parameter.
The command will raise an error if you omit this option and the configuration is not loaded.