Uploading Certificates Generated from CSR

Upload the partition certificate and partition owner certificate generated from CSR to complete the "Initialization Required" state.

The third step is to upload the certificates generated from CSR. The certificates are the Partition certificate (partitionCert.pem) and the Partition Owner certificate (partitionOwnerCert.pem).

  • Complete the following steps to activate the HSM cluster:

    1. Open the Oracle Cloud Console navigation menu and click Identity & Security. Under Key Management & Secret Management, click Dedicated Key Management.
    2. In the HSM Cluster summary table, find a cluster in "Initialization Required" state, click Actions (Actions Menu) and then select Download & Upload Certificates.

      Note: The Download & Upload Certificates option is visible only for HSM partitions in "Initialization required" state.

    3. In the Download & Upload Workflow page, click Upload Certificates and then, select the partition certificate and partition owner certificate from your local machine.
    4. Click Upload.
  • Open a command prompt and run upload-partition-certificates to download the certificate.

    oci kms kms-hsm-cluster hsm-cluster upload-partition-certificates --hsm-cluster-id 
    

    For example:

    oci kms kms-hsm-cluster hsm-cluster upload-partition-certificates --hsm-cluster-id, --partition-certificate, --partition-owner-certificate 
    

    For a complete list of parameters and values for CLI commands, see KMS CLI Command Reference.

  • Run the UploadPartitionCertificates operation that uses the KMSHSMCLUSTER API endpoint.

    Note

    Each region uses the KMSHSMCLUSTER API endpoint for HSM cluster operations. For regional endpoints, see the API Endpoints.