Upgrading Firmware
You can check for new firmware versions as they become available on the customer website for Thales / Thales TCT, where you can download them. Downloading firmware requires that you complete the following two steps.
-
Use the ctp utility to transfer the new firmware to the HSM.
-
Use the update firmware command as shown in the following sample:
Copy[ade_luna_sa] lunash:>hsm update firmware
-
The HSM Administrator/Security Officer must be logged in prior to performing the firmware upgrade (using the blue PED key).
-
Any partition that is activated prior to the firmware update must be reactivated following the firmware update.
The following code sample illustrates the completion of a firmware update request, which displays the process for an earlier firmware release (4.5.3) and is presented for information purposes only.
[ade_luna_sa] lunash:>hsm login
Luna PED operation required to login as HSM Administrator - use blue PED key.
'hsm login' successful.
[ade_luna_sa] lunash:>hsm update firmware
CAUTION: This command updates the HSM firmware. This process cannot be reversed.
Any connected clients will have their connections closed.
All clients should disconnect and the NTLS should be stopped before
proceeding.
Type 'proceed' to continue, or type 'quit' to quit now.
proceed
Update Result: 0 (Success)
Command Result: 0 (Success)
[ade_luna_sa] lunash:>hsm show
Appliance Details:
==================
Software Version: 3.3.0-5
HSM Details:
============
HSM Label: ade_luna_sa
Serial #: 902514
Firmware: 4.5.3
Hardware Model: Luna K3
Authentication Method: PED keys
HSM Admin login status: Not Logged In
HSM Admin login attempts left: 3 before HSM zeroization!
MofN activation status: M of N not used
Partitions created on HSM:
==========================
There are no partitions.
FIPS 140-2 Operation:
==========================
The HSM is NOT in FIPS 140-2 approved operation mode.
