Exports a public key from a Hardware Security Module (HSM) to a local file in PEM format, preserving all key properties without affecting any active encryption operations.
Use exportPubKey together with importPubKey to back up or migrate public keys between HSMs.
Prerequisites
Before you begin, make sure that you have:
Started
key_mgmt_toolLogged in to the HSM as a CU (Crypto User)
Syntax
exportPubKey -k <public-key-handle> -out <key-file>Important
Enter parameters in the exact order shown in the syntax.
Parameters
| Parameter | Description | Required |
|---|---|---|
-k | The handle of the public key to export. To find the key handle, run findKey. | Yes |
-out | The file name for the exported public key. | Yes |
Example
The following example exports the public key with handle 7 to /tmp/putlic.pem.
Command: exportPubKey -k 7 -out /tmp/putlic.pem
PEM formatted public key is written to /tmp/putlic.pem
Cfm3ExportPubKey returned: 0x00 : HSM Return: SUCCESS