Export Private Key

Configure command for exporting a private Key.

The exportPrivateKey command exports asymmetric private key from an HSM to a file.

Open a command prompt and run exportPrivateKey command to export asymmetric private key from an HSM to a file.

Syntax

 Syntax: exportPrivateKey -h -k <key handle> -out <key file> -w <wrapping key handle> [-m <wrapping mechanism>] [-wk <unwrapping key file>]     

Where,

Parameter Description
-h displays this information
-w specifies the handle of the wrapping key
-k specifies the private key handle of the private key to be exported.
-m Specifies the wrapping mechanism with which to wrap the private key being exported. For example, CLOUDHSM_AES_KEY_WRAP and NIST_AES_WRAP mechanism. Default value is 4.
-out specifies the file to write the exported private key
-wk Specifies the key for unwrapping the key being exported. Enter the path and name of a file that contains a plaintext AES key.

Example


Command:  exportPrivateKey -f /tmp/private-key1.pem -l kms
KeyMgmtUtilsexportPrivateKey returned: 0x00 : HSM Return: SUCCESS
Private Key Handle: 493
Cluster Status:
Node id 0 status: 0x00000000 : HSM Return: SUCCESS
Node id 1 status: 0x00000000 : HSM Return: SUCCESS
Node id 2 status: 0x00000000 : HSM Return: SUCCESS