This topic explains how to export the public key from HSM using the exportPubKey command.
Function description
The exportPubKey command allows you to export the public key from HSM into a file, while preserving the key properties and without impacting encryption operations.
With the help of exportPubKey command and the import public key command importPubKey, you can complete the backup or migration of the public key.
Ensure you have started the key_mgmt_tool and logged on to HSM as a CU before executing this command.
Syntax
Enter the parameters as per the syntax outlined below. For descriptions of the parameters, refer to parameters.
exportPubKey -k <public-key-handle> -out <key-file>
Parameters must be entered in the sequence specified by the syntax.
Example
The following example demonstrates exporting the public key with handle 7 to public.pem.
Command: exportPubKey -k 7 -out /tmp/putlic.pem
PEM formatted public key is written to /tmp/putlic.pem
Cfm3ExportPubKey returned: 0x00 : HSM Return: SUCCESS
Parameters
Parameter Name | Description | Required | Valid Values |
-k | Specifies the handle of the public key to export. | Yes | Use findKey to locate the key handle. |
-out | Designates the file name for the exported public key. | Yes | No special requirements |