All Products
Search
Document Center

Step 8: Activate cluster

Last Updated: Aug 31, 2021

In order to manage HSM instances and use the HSM cluster, you need to activate the cluster. Before activating a cluster, make sure you have completed Step 7: Initialize the cluster.

Complete the following steps to activate the cluster:

  1. Initialize the master HSM instance.

  2. Finish activating the cluster.

Initialize the master HSM instance

Log on to your HSM instance by using the credentials of a precrypto officer (PRECO). The new HSM instance contains a PRECO user with a default username and password. The PRECO user becomes a crypto officer (CO) after you set a new password.

  1. Run the following commands to start the hsm_mgmt_tool command line utility:

    /opt/hsm/bin/hsm_mgmt_tool /opt/hsm/etc/hsm_mgmt_tool.cfg
  2. (Optional) Run the listUsers command to display the number of users.

    Users on server 0(172.16.x.x):
    Number of users found:2
    
        User Id         User Type       User Name                  MofnPubKey    LoginFailureCnt         2FA
             1          PRECO       admin                                    NO               0               NO
             2          AU          app_user                                 NO               0               NO
    
  3. Run the loginHSM command to log on to the HSM as the PRECO. The PRECO is a temporary user that is automatically created on all new HSM instances.

    cloudmgmt>loginHSM PRECO admin password
    loginHSM success on server 0(172.16.x.x)
  4. Run the changePswd command to change the password of the PRECO user. The PRECO user becomes a CO after you change the password.

    cloudmgmt>changePswd PRECO admin <NewPassword>
    
    *************************CAUTION********************************
    This is a CRITICAL operation, should be done on all nodes in the
    cluster. Cav server does NOT synchronize these changes with the
    nodes on which this operation is not executed or failed, please
    ensure this operation is executed on all nodes in the cluster.
    ****************************************************************
    
    Do you want to continue(y/n)? y
    Changing password for admin(PRECO) on 1 nodes
  5. (Optional) Run the listUsers command to verify that the user type is changed to CO.

    cloudmgmt>listUsers
    Users on server 0(172.16.x.x):
    Number of users found:2
    
        User Id         User Type       User Name                  MofnPubKey    LoginFailureCnt         2FA
             1          CO          admin                                    NO               0               NO
             2          AU          app_user                                 NO               0               NO
  6. Run the quit command to stop the hsm_mgmt_tool command line utility.

    cloudmgmt>quit
    disconnecting from servers, please wait...

Finish activating cluster

There are two ways to finish cluster activation.

On the Initialize & Activate Cluster page:

  • Click Activate Cluster to finish cluster activation.

On the Clusters page:

  • Choose Activate for the cluster you want to finish activation.

Step Result

Upon Activate Cluster success, the cluster status will become Activated on the Clusters page.

clusters_activated