cmu getpkc

Retrieve a Public Key Confirmation from the HSM.

NOTE This operation works with non-extractable keys only, and supports both RSA and ECC keypair types.

This confirmation procedure is currently not supported on FM-enabled HSMs. Refer to FM Deployment Constraints for details.

cmu getpkc [{-handle=<handle#> | -ouid=<OUID#>}] [-outputfile=<filename>] [-verify]

Argument(s)	Description
-handle=<handle#>	The handle to the corresponding private key for the PKC. This method of selection applies to Luna HSMs only. On a Luna Cloud HSM service slot, use -ouid.
-ouid=<OUID#>	The Object Unified Identifier (OUID) to the corresponding private key for the PKC. This method of selection requires Luna HSM Client 10.2.0 or newer, and applies to Luna Cloud HSM services only. On a Luna HSM slot, use -handle.
-outputfile=<filename>	The name of the file that receives the PKC.
-verify	Sets a flag to verify the PKC against the certificate that signed the PKC. It must be set to True or False (or 1 or 0), with False being the default.

If you run the command with no parameters, you are prompted for the mandatory ones.

cmu getpkc –handle=5



	SUPPORT	LEGAL
Luna PCIe HSM 7 Documentation © Copyright 2001-2025, Thales Group Last Updated: 2025-10-28 08:00:29 GMT-05:00	Customer Release Notes Customer Support Portal Support Contacts	End User License Agreement Third Party Software Licenses Document Information