Key Management Service: importPubKey

Last Updated: Nov 12, 2024

This topic explains how to import a public key into HSM using the importPubKey command.

Feature description

  • The importPubKey command imports a public key from a file into HSM.

  • Used together with the exportPubKey command, importPubKey lets you back up or migrate public keys.

Important

Before you run this command, start key_mgmt_tool and log on to HSM as a crypto user (CU).

Syntax

Enter the parameters as outlined in the syntax below. For descriptions of each parameter, see Parameters.

importPubKey -l <label>
             -f <key-file>
             [-sess]
             [-id <key-id>]
             [-min_srv <minimum-number-of-servers>]
             [-timeout <number-of-seconds>]

Important

Parameters must be entered in the specified order.

Example

The following example demonstrates importing the publickey.pem file and assigning the label importedPublicKey to the key. The output indicates that the handle for the imported public key in HSM is 18.

Command:  importPubKey -l importedPublicKey -f publickey.pem

       	Cfm3CreatePublicKey returned: 0x00 : HSM Return: SUCCESS

Public Key Handle: 18

       	Cluster Status:
       	Node id 0 status: 0x00000000 : HSM Return: SUCCESS
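
When imports are scripted for backup or migration, the output above can be checked mechanically instead of by eye. The following Python code is an added example, not part of the original documentation or of key_mgmt_tool. It assumes that any non-zero return or node status means failure; `check_import` and its `min_nodes` argument are hypothetical names, with `min_nodes` mirroring the value you passed to -min_srv.

```python
import re

# Sample input: the output shown in the example above, embedded for offline use.
SAMPLE_OUTPUT = """\
Cfm3CreatePublicKey returned: 0x00 : HSM Return: SUCCESS

Public Key Handle: 18

Cluster Status:
Node id 0 status: 0x00000000 : HSM Return: SUCCESS
"""

RETURN_RE = re.compile(r"Cfm3CreatePublicKey returned:\s*(0x[0-9a-fA-F]+)")
HANDLE_RE = re.compile(r"Public Key Handle:\s*(\d+)")
NODE_RE = re.compile(r"Node id (\d+) status:\s*(0x[0-9a-fA-F]+)")


class ImportCheckError(Exception):
    """Raised when the captured output does not show a clean import."""


def check_import(output, min_nodes=1):
    """Return the key handle if the import succeeded on >= min_nodes nodes."""
    ret = RETURN_RE.search(output)
    if ret is None:
        raise ImportCheckError("no Cfm3CreatePublicKey return line found")
    # Assumption: 0x00 is the only success code (it is the one the page shows).
    if int(ret.group(1), 16) != 0:
        raise ImportCheckError(f"HSM returned {ret.group(1)}")
    handle = HANDLE_RE.search(output)
    if handle is None:
        raise ImportCheckError("no public key handle reported")
    # One status line per cluster node; non-zero is treated as a failed node.
    nodes = {int(n): int(s, 16) for n, s in NODE_RE.findall(output)}
    failed = sorted(n for n, s in nodes.items() if s != 0)
    if failed:
        raise ImportCheckError(f"nodes reporting failure: {failed}")
    if len(nodes) < min_nodes:
        raise ImportCheckError(
            f"only {len(nodes)} node(s) confirmed, need {min_nodes}")
    return int(handle.group(1))


if __name__ == "__main__":
    print("imported key handle:", check_import(SAMPLE_OUTPUT))
```

Record the returned handle alongside the label so the imported key can be located later.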

Parameters

| Parameter Name | Description | Required | Valid Values |
| --- | --- | --- | --- |
| -l | Defines the label for the imported key. | Yes | No specific requirements |
| -f | Indicates the file name containing the key to import. | Yes | No specific requirements |
| -sess | Marks the imported key as a session key. | No | No specific requirements |
| -id | Assigns an ID to the imported key. | No | No specific requirements |
| -min_srv | Determines the minimum number of servers required for synchronization within the specified timeout period. If synchronization to the required number of servers is not achieved within the timeout, the key will not be created. | No | No specific requirements |
| -timeout | Sets the time in seconds for the key to synchronize to the specified number of servers (refer to min_srv). This parameter is applicable only when used in conjunction with the min_srv parameter. Default setting: There is no timeout; the command will wait indefinitely until the key is synchronized to the minimum number of servers. | No | No specific requirements |