inittpm operation

This feature is available from SNS version 3.10.1 upwards or 4.0.1 upwards.

This operation initializes TPM chips by passing the password as an argument, and if the firewall is part of a cluster (high availability enabled), to derive the key from the TPM password so that both firewalls will obtain the exact same key.

The TPM password must comply with the password policy set in the configuration (file ~/ConfigFiles/serverd section PasswordPolicy).

This operation must be performed before attempting to protect any private keys with TPM.

Format

"serial | any", inittpm, "tpmpassword"

EXAMPLE
SN310A17B0023A7, inittpm, TpmPasswordValue