Manual Chapter : Additional Information

Applies To:

Show Versions Show Versions


  • 14.1.3, 14.0.0


  • 14.1.3, 14.0.0


  • 14.1.3, 14.0.0


  • 14.1.3, 14.0.0


  • 14.1.3, 14.0.0


  • 14.1.3, 14.0.0
Manual Chapter

Additional Information

Upgrading the BIG-IP software when using the SafeNet Luna HSM

After a BIG-IP system software or hotfix upgrade, you do not need to run the SafeNet Luna SA client setup script. Any local keys and certificates you added to the BIG-IP system configuration before upgrading (using the command
tmsh install sys crypto
) appear in the upgrade partition and can be used. Keys, certificates, and CSRs created using
are already part of the BIG-IP system configuration and can be used.
If you will need keys, certificates, or CSRs that were not added to the BIG-IP system configuration, before you upgrade, copy the files into the
directory. After the upgrade, copy them back to their appropriate directories in the new partition:
, or
  1. Log in to the command-line interface of the BIG-IP system using an account with administrator privileges.
  2. Reinstall the Luna SA client on the BIG-IP system, using the parameters you used when you initially installed and registered it.

Uninstalling SafeNet Luna SA components from the BIG-IP system

If you no longer need to use the SafeNet Luna SA HSM on a BIG-IP system, you should uninstall the files.
  1. Log in to the command-line interface of the system using an account with administrator privileges.
  2. Uninstall the SafeNet client software and clean up SafeNet directories. -u [-v] utility options

utility includes these options:
Reinstalls when a connection with HSM already exists.
Displays help.
Uninstalls SafeNet software and cleans up SafeNet directories.
Prints verbose output about the executing operations.
SafeNet Luna SA HSM IP address(es). For multiple HSMs, use a double-quoted value with space-separated IP addresses (such as
SafeNet HSM partition password. This password must be the same for all HSMs being used in High Availability (HA) configurations.
SafeNet Luna SA HSM user name. Default is
Name for the SafeNet HSM HA group. When using multiple HSMs in a HA configuration, all HSMs in HA must use the same partition password.
SafeNet Luna SA tarball to be installed (for example, Luna_5.1_Client_Software.tar). This file must be stored on theBIG-IP system in
Interface identifier of BIG-IP to be used to communicate with the SafeNet Luna SA HSM (eth0). The default is the management interface.
IP address of the BIG-IP as seen by the SafeNet HSM.
Indicates the number of threads pkcs11d will use. The default is 20.
Indicates message verbosity level. The default value is zero, and all levels greater than zero indicate verbose output.