AWS CloudHSM 클라이언트 SDK 5 구성 구문 - AWS CloudHSM

AWS CloudHSM 클라이언트 SDK 5 구성 구문

다음 표는 클라이언트 SDK 5용 AWS CloudHSM 구성 파일의 구문을 보여줍니다.

PKCS #11
configure-pkcs11[ .exe ] -a <ENI IP address> [--hsm-ca-cert <customerCA certificate file path>] [--cluster-id <cluster ID>] [--endpoint <endpoint>] [--region <region>] [--server-client-cert-file <client certificate file path>] [--server-client-key-file <client key file path>] [--client-cert-hsm-tls-file <client certificate hsm tls path>] [--client-key-hsm-tls-file <client key hsm tls path>] [--log-level <error | warn | info | debug | trace>] Default is <info> [--log-rotation <daily | weekly>] Default is <daily> [--log-file <file name with path>] Default is </opt/cloudhsm/run/cloudhsm-pkcs11.log> Default for Windows is <C:\\Program Files\\Amazon\\CloudHSM\\cloudhsm-pkcs11.log> [--log-type <file | term>] Default is <file> [-h | --help] [-V | --version] [--disable-key-availability-check] [--enable-key-availability-check] [--disable-validate-key-at-init] [--enable-validate-key-at-init] This is the default for PKCS #11
OpenSSL
configure-dyn[ .exe ] -a <ENI IP address> [--hsm-ca-cert <customerCA certificate file path>] [--cluster-id <cluster ID>] [--endpoint <endpoint>] [--region <region>] [--server-client-cert-file <client certificate file path>] [--server-client-key-file <client key file path>] [--client-cert-hsm-tls-file <client certificate hsm tls path>] [--client-key-hsm-tls-file <client key hsm tls path>] [--log-level <error | warn | info | debug | trace>] Default is <error> [--log-type <file | term>] Default is <term> [-h | --help] [-V | --version] [--disable-key-availability-check] [--enable-key-availability-check] [--disable-validate-key-at-init] This is the default for OpenSSL [--enable-validate-key-at-init]
JCE
configure-jce[ .exe ] -a <ENI IP address> [--hsm-ca-cert <customerCA certificate file path>] [--cluster-id <cluster ID>] [--endpoint <endpoint>] [--region <region>] [--server-client-cert-file <client certificate file path>] [--server-client-key-file <client key file path>] [--client-cert-hsm-tls-file <client certificate hsm tls path>] [--client-key-hsm-tls-file <client key hsm tls path>] [--log-level <error | warn | info | debug | trace>] Default is <info> [--log-rotation <daily | weekly>] Default is <daily> [--log-file <file name with path>] Default is </opt/cloudhsm/run/cloudhsm-jce.log> Default for Windows is <C:\\Program Files\\Amazon\\CloudHSM\\cloudhsm-jce.log> [--log-type <file | term>] Default is <file> [-h | --help] [-V | --version] [--disable-key-availability-check] [--enable-key-availability-check] [--disable-validate-key-at-init] This is the default for JCE [--enable-validate-key-at-init]
CloudHSM CLI
configure-cli[ .exe ] -a <ENI IP address> [--hsm-ca-cert <customerCA certificate file path>] [--cluster-id <cluster ID>] [--endpoint <endpoint>] [--region <region>] [--server-client-cert-file <client certificate file path>] [--server-client-key-file <client key file path>] [--client-cert-hsm-tls-file <client certificate hsm tls path>] [--client-key-hsm-tls-file <client key hsm tls path>] [--log-level <error | warn | info | debug | trace>] Default is <info> [--log-rotation <daily | weekly>] Default is <daily> [--log-file <file name with path>] Default for Linux is </opt/cloudhsm/run/cloudhsm-cli.log> Default for Windows is <C:\\Program Files\\Amazon\\CloudHSM\\cloudhsm-cli.log> [--log-type <file | term>] Default setting is <file> [-h | --help] [-V | --version] [--disable-key-availability-check] [--enable-key-availability-check] [--disable-validate-key-at-init] This is the default for CloudHSM CLI [--enable-validate-key-at-init]