cmu getpkc
Retrieve a Public Key Confirmation from the HSM.
NOTE This confirmation procedure is currently not supported on FM-enabled HSMs. Refer to FM Deployment Constraints for details.
Syntax
cmu getpkc [-handle=<handle#>] [-outputfile=<filename>] [-pkctype=<type>] [-verify] [-password=<password>] [-ped=<PED_ID>] [-slot=<slot#>]
| Argument(s) | Description |
|---|---|
| -handle=<handle#> | The handle to the corresponding private key for the PKC. |
| -outputfile=<filename> | The name of the file that receives the PKC. |
| -pkctype=<type> |
Defines the PKC type. Valid values: 1(not used),2(Chrysalis-ITS) |
| -verify | Sets a flag to verify the PKC against the certificate that signed the PKC. It must be set to True or False (or 1 or 0), with False being the default. |
| Common | |
| -password=<password> | The password for the role accessing the current slot, with the current command. If this is not specified, it is prompted. |
| -ped=<PED_ID> | Specifies the PED ID for the registered Remote PED that will handle authentication for the current slot, with the current command. You must specify this parameter to use Remote PED authentication. |
| -slot=<slot#> | The slot to be acted upon, by the current command. If this is not specified, it is prompted. |
If you run the command with no parameters, you are prompted for the mandatory ones.
Example
cmu getpkc –handle=5 –pkctype=1
