Downloading Certificate Signed Request (CSR)

Download CSR for the HSM cluster and then sign the CSR.

• Console
• CLI
• API

• Complete the following steps to initialize the HSM cluster:

  1. Open the Oracle Cloud Console navigation menu and click Identity & Security. Under Key Management & Secret Management, click Dedicated Key Management.
  2. In the HSM Cluster summary table, find a cluster in "Initialization Required" state, click Actions (Actions Menu) and then select Download & Upload Certificates.

     Note: The Download & Upload Certificates option is visible only for HSM partitions in "Initialization required" state.

  3. In the Download & Upload Workflow page, click Download CSR to download the CSR to your local machine.
  4. Click Next.

• Open a command prompt and run download-certificate-signing-request to download the certificate.

  oci kms kms-hsm-cluster hsm-cluster download-certificate-signing-request --hsm-cluster-id 
  

  For example:

  oci kms kms-hsm-cluster hsm-cluster download-certificate-signing-request --hsm-cluster-id ocid1.kmshsmcluster.sample1.sea.avs2pvjgaactu.abzwkljsshsfywmfvqr2vxo3q75ifayb5yxbhj63czq47ft3fpi52zah5p 
  

  For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.

• Run the DownloadCertificateSigningRequest operation that uses the KMSHSMCLUSTER API endpoint.

  Note
  
  Each region uses the KMSHSMCLUSTER API endpoint for HSM cluster operations. For regional endpoints, see the API Endpoints.