Imports the configuration of a Thales HSM. Use the following syntax to import this configuration from a ZIP file.
evactl import-thales -d <package_path> [-y]Use the following syntax to import this configuration from a Chrystoki file.
evactl import-thales -c <cert_dir> -k <chrystoki> [-y]For example:
$ sudo ./evactl import-thales -c ./eva-thales-config/cert -k ./eva-thales-config/Chrystoki.conf -ySaving Thales configuration... DoneWarning: EVA is already deployed! To apply the changes, EVA needs to be redeployed using the evactl deploy command.See below for a description of each option.
Changes will be effective when deploying (or redeploying) the solution with the Management Console or the clusterctl deploy command.
-c <cert_dir>
Import the client and server certificates for the Luna Network or DPoD authentication. Where <cert_dir> is the path of a cert directory with the following contents.
└───cert ├───client │ <clientKey>.pem │ <clientCert>.pem │ └───server <caCert>.pemSee below for a description of each field.
Value | Description |
|---|---|
<clientKey> | The file name of a PEM file containing the client's private key. |
<clientCert> | The file name of a PEM file containing the client's certificate. |
<caCert> | The file name of a PEM file containing the CA certificate for validating the server's certificate. |
After running the command, verify the Chrystoki.conf file includes the following configuration.
ClientPrivKeyFile = /usr/safenet/lunaclient/cert/client/<clientKey>.pem;ClientCertFile = /usr/safenet/lunaclient/cert/client/<clientCert>.pem;ServerCAFile = /usr/safenet/lunaclient/cert/server/<caCert>.pem;Do not modify any other path in the Chrystoki.conf file.
Mandatory: Yes.
-d <package_path>
Use the <package_path> DPoD configuration package, where <package_path> is the path of the ZIP package file.
Mandatory: Yes.
-k <chrystoki>
Import the <chrystoki> configuration of the Luna Network or DPoD client, where <chrystoki> is the path of the Christoky.conf file.
Mandatory: Yes.
-y
Skip the confirmation prompt.