ADC

Appendix

Sample commands and their output:

Run the script

    root@ns# pwd
    /var/safenet/config
    root@ns# sh safenet_config

Create the certificate

    root@ns# cd /var/safenet/safenet/lunaclient/bin
    root@ns# ./vtl createcert -n 10.102.59.175
    Private Key created and written to: /var/safenet/safenet/lunaclient/cert/client/10.102.59.175Key.pem
    Certificate created and written to: /var/safenet/safenet/lunaclient/cert/client/10.102.59.175.pem

Copy the certificate to the HSM

    root@ns# scp /var/safenet/safenet/lunaclient/cert/client/10.102.59.175.pem admin@10.217.2.7:
    admin@10.217.2.7's password:

    10.102.59.175.pem          100%  818     0.8KB/s   00:00

Copy the certificate and key from the HSM to the Citrix ADC appliance

    root@ns# scp admin@10.217.2.7:server.pem /var/safenet/safenet/lunaclient/server.2.7.pem
    admin@10.217.2.7's password:

    server.pem            100% 1164     1.1KB/s   00:01

Connect to the Thales Luna HSM using SSH

    ssh admin@10.217.2.7
    Connecting to 10.217.2.7:22...
    Connection established.
    To escape to local shell, press 'Ctrl+Alt+]'.

    Last login: Thu Jun 23 02:20:29 2016 from 10.252.243.11

    Luna SA 5.2.3-1 Command Line Shell - Copyright (c) 2001-2014 SafeNet, Inc. All rights reserved.

    [Safenet1] lunash:>hsm login


      Please enter the HSM Administrators' password:
      > *******

    'hsm login' successful.


    Command Result : 0 (Success)
    [Safenet1] lunash:>

Register the Citrix ADC with the Thales Luna HSM

    [Safenet1] lunash:>client register -client ns175 -ip 10.102.59.175

    'client register' successful.


    Command Result : 0 (Success)
    [Safenet1] lunash:>

Assign a partition from the partition list to the client

    [Safenet1] lunash:>client assignPartition -client ns175 -partition p2

    'client assignPartition' successful.


    Command Result : 0 (Success)
    [Safenet1] lunash:>

Register the HSM and its certificate on the NetScaler

    root@ns# ./vtl addserver -n 10.217.2.7 -c /var/safenet/safenet/lunaclient/server.2.7.pem

    New server 10.217.2.7 successfully added to server list.

Verify the Network Trust Link (NTL) connection between the ADC and the HSM

    root@ns# ./vtl verify

    The following Luna SA Slots/Partitions were found:

    Slot        Serial #                  Label
    ====      ================           =====
       0              477877010          p2
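
The NTL check above can be scripted so that a missing partition fails with a distinct exit code instead of relying on someone reading the table. This is an added example, not part of the Citrix or Thales documentation: the function name `ntl_partition_serial`, its exit codes, and the assumption that partition labels contain no whitespace are choices of this example, and the sample text is constructed from the output shown above.

```shell
#!/bin/sh
# Added example: confirm that an assigned partition is visible over NTL by
# parsing `vtl verify` output supplied on stdin.

# Constructed sample, modelled on the `vtl verify` output shown on this page.
SAMPLE_VERIFY_OUTPUT='
The following Luna SA Slots/Partitions were found:

Slot        Serial #                  Label
====      ================           =====
   0              477877010          p2
'

# ntl_partition_serial LABEL
#   Prints the serial number of every slot whose label equals LABEL.
#   Exit status: 0 = label found, 1 = slot table present but label absent,
#                2 = no slot table in the input (e.g. NTL not established).
#   Assumption: partition labels contain no whitespace.
ntl_partition_serial() {
    awk -v want="$1" '
        # The row of "=" characters marks the start of the slot table.
        $1 ~ /^=+$/ && $2 ~ /^=+$/ { in_table = 1; next }
        # Data rows: numeric slot index, serial number, label.
        in_table && NF >= 3 && $1 ~ /^[0-9]+$/ {
            if ($3 == want) { print $2; found = 1 }
        }
        END {
            if (!in_table) exit 2
            exit (found ? 0 : 1)
        }
    '
}

# Demo on the constructed sample. On the appliance the equivalent would be:
#   ./vtl verify | ntl_partition_serial p2
printf '%s\n' "$SAMPLE_VERIFY_OUTPUT" | ntl_partition_serial p2
```

Comparing the printed serial against the value recorded when the partition was assigned also catches the case where the client is pointed at a different partition that happens to carry the same label.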

Save the configuration

    root@ns# cp /etc/Chrystoki.conf /var/safenet/config/

Configure the gateway daemon to start automatically at boot

    touch /var/safenet/safenet_is_enrolled