How to delete keys on HSM - Key Management Service - Alibaba Cloud Documentation Center

This topic explains the process of using the deleteKey command to remove keys from HSM.

Feature description

The deleteKey command allows for the removal of a single key from HSM at a time.
Removing one key from a key pair does not impact the remaining key.
Key deletion is restricted to the key owner; users with access to shared keys can utilize them for encryption but are not permitted to delete them.

Important

Ensure you have initiated the key_mgmt_tool and logged on to HSM as a CU before executing this command.

Syntax

Enter parameters as per the following syntax. For details on parameters, refer to Parameters.

deleteKey -k

Important

Parameters must be entered in the sequence outlined in the syntax.

Example

Below is an example of how to delete a key with a handle value of 6.

Command:  deleteKey -k 6

       	Cfm3DeleteKey returned: 0x00 : HSM Return: SUCCESS

       	Cluster Status:
       	Node id 0 status: 0x00000000 : HSM Return: SUCCESS

Parameters

Parameter name	Description	Required	Valid values
-k	Indicates the key handle of the key to be deleted.	Yes	Use findKey to locate the key handle