Downloading Certificate Signed Request (CSR)

Download CSR for the HSM cluster and then sign the CSR.

  • Complete the following steps to initialize the HSM cluster:

    1. Open the Oracle Cloud Console navigation menu and click Identity & Security. Under Key Management & Secret Management, click Dedicated Key Management.
    2. In the HSM Cluster summary table, find a cluster in "Initialization Required" state, click Actions (Actions Menu) and then select Download & Upload Certificates.

      Note: The Download & Upload Certificates option is visible only for HSM partitions in "Initialization required" state.

    3. In the Download & Upload Workflow page, click Download CSR to download the CSR to your local machine.
    4. Click Next.
  • Open a command prompt and run download-certificate-signing-request to download the certificate.

    oci kms kms-hsm-cluster hsm-cluster download-certificate-signing-request --hsm-cluster-id 
    

    For example:

    oci kms kms-hsm-cluster hsm-cluster download-certificate-signing-request --hsm-cluster-id ocid1.kmshsmcluster.sample1.sea.avs2pvjgaactu.abzwkljsshsfywmfvqr2vxo3q75ifayb5yxbhj63czq47ft3fpi52zah5p 
    

    For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.

  • Run the DownloadCertificateSigningRequest operation that uses the KMSHSMCLUSTER API endpoint.

    Note

    Each region uses the KMSHSMCLUSTER API endpoint for HSM cluster operations. For regional endpoints, see the API Endpoints.