Export Private Key
Configure command for exporting a private Key.
The exportPrivateKey command exports asymmetric private key from an HSM to a file.
Open a command prompt and run exportPrivateKey command to export asymmetric private key from an HSM to a file.
Syntax
Syntax: exportPrivateKey -h -k <key handle> -out <key file> -w <wrapping key handle> [-m <wrapping mechanism>] [-wk <unwrapping key file>] Where,
| Parameter | Description |
|---|---|
| -h | displays this information |
| -w | specifies the handle of the wrapping key |
| -k | specifies the private key handle of the private key to be exported. |
| -m | Specifies the wrapping mechanism with which to wrap the private key being exported. For example, CLOUDHSM_AES_KEY_WRAP and NIST_AES_WRAP mechanism. Default value is 4. |
| -out | specifies the file to write the exported private key |
| -wk | Specifies the key for unwrapping the key being exported. Enter the path and name of a file that contains a plaintext AES key. |
Example
Command: exportPrivateKey -f /tmp/private-key1.pem -l kms
KeyMgmtUtilsexportPrivateKey returned: 0x00 : HSM Return: SUCCESS
Private Key Handle: 493
Cluster Status:
Node id 0 status: 0x00000000 : HSM Return: SUCCESS
Node id 1 status: 0x00000000 : HSM Return: SUCCESS
Node id 2 status: 0x00000000 : HSM Return: SUCCESS