cmu getpkc

Retrieve a Public Key Confirmation from the HSM.

NOTE   This operation works with non-extractable keys only, and supports both RSA and ECC keypair types.

This confirmation procedure is currently not supported on FM-enabled HSMs. Refer to FM Deployment Constraints for details.

Syntax

cmu getpkc [{-handle=<handle#> | -ouid=<OUID#>}] [-outputfile=<filename>] [-verify]

Argument(s) Description
-handle=<handle#> The handle to the corresponding private key for the PKC. This method of selection applies to Luna HSMs only. On a Luna Cloud HSM service slot, use -ouid.
-ouid=<OUID#> The Object Unified Identifier (OUID) to the corresponding private key for the PKC. This method of selection requires Luna HSM Client 10.2.0 or newer, and applies to Luna Cloud HSM services only. On a Luna HSM slot, use -handle.
-outputfile=<filename> The name of the file that receives the PKC.
-verify Sets a flag to verify the PKC against the certificate that signed the PKC. It must be set to True or False (or 1 or 0), with False being the default.

If you run the command with no parameters, you are prompted for the mandatory ones.

See also Common CMU Options.

Example

cmu getpkc –handle=5