Credential Management
The credential management commands are required for managing the credentials of the HSM and the connection to it.
Commands will require an established <HSM connection and credentials> parameter to be able to execute properly. For further assistance on how to prepare your <HSM connection and credentials> parameter, see HSM Connection and Access Credentials section.
Generate Blinding Key File
Generates a blinded key file generally used for blinding HSM connection and credential details.
Secret blinding might impact operation in case of tool or vendor migration.
Execute the command:
java -jar primus-tools.jar GenerateBlindingKeyFile <HSM connection and credentials> [-force]
Configuring Permanent Secret
As the temporary setup password will expire, you should retrieve the permanent secret (which does not expire) which is blinded to a file with the following command:
java -jar primus-tools.jar GetUserSecret <HSM connection and credentials> [-blinded] [-outputfile <output file name>] [-blindingkeyfile] (use the blinding key file "primus.blindingkeyfile")
Blind Password
Passwords (e.g. proxy password, setup password, permanent secret) can be written blinded to files with the following command:
Secret blinding might impact operation in case of tool or vendor migration.
java -jar primus-tools.jar BlindPassword [options] <password>|consoleinput:|file:<path/name> [-outputfile <output file name>]/
[-blindingkeyfile] (use the blinding key file "primus.blindingkeyfile")
Login
Use the command Login to test out the HSM credentials and connectivity.
java -jar primus-tools.jar Login <HSM connection and credentials> [-times <times>] [-delay <seconds>] /
[-timeout <seconds>] [-progress] [-verbose]