To use a Thales Luna HSM, select this option and configure the following settings.
See HSM requirements for the supported Thales Luna HSM versions.
Token Label
The label of the HSM token that contains the private key for certificate signing.
HSM PIN
The PIN (Personal Identification Number) of the HSM.
Files
Copy the following files to the PKI Hub host and click Choose File to import them.
Do not change the file names, as they are referenced by the Chrystoki.conf configuration file.
Field | Default file path | Description |
|---|---|---|
Server CA File | <client>/cert/server/server.pem | The CA certificate of the Thales Luna HSM server |
Client Private Key File | <client>/cert/client/clientKey.pem | The private key of the Thales Luna HSM client |
Client Certificate File | <client>/cert/client/clientCert.pem | The certificate of the Thales Luna HSM client |
Chrystoki Configuration File | <client>/config/Chrystoki.conf | The configuration file of the Thales Luna HSM client |
Where <client> is the path of the Thales Luna installation folder.