cmu getpkc
Retrieve a Public Key Confirmation from the HSM.
NOTE This operation works with non-extractable keys only, and supports both RSA and ECC keypair types.
This confirmation procedure is currently not supported on FM-enabled HSMs. Refer to FM Deployment Constraints for details.
Syntax
cmu getpkc [{-handle=<handle#> | -ouid=<OUID#>}] [-outputfile=<filename>] [-verify]
Argument(s) | Description |
---|---|
-handle=<handle#> | The handle to the corresponding private key for the PKC. This method of selection applies to Luna HSMs only. On a Luna Cloud HSM service slot, use -ouid. |
-ouid=<OUID#> | The Object Unified Identifier (OUID) to the corresponding private key for the PKC. This method of selection |
-outputfile=<filename> | The name of the file that receives the PKC. |
-verify | Sets a flag to verify the PKC against the certificate that signed the PKC. It must be set to True or False (or 1 or 0), with False being the default. |
If you run the command with no parameters, you are prompted for the mandatory ones.
See also Common CMU Options.
Example
cmu getpkc –handle=5