pki export sm2-key-pair key-name der file-name
pki export sm2-key-pair key-name pem file-name [ password password ]
Parameter |
Description |
Value |
|---|---|---|
key-name |
Specifies the SM2 key pair name. |
The value must be an existing SM2 key pair name. |
der file-name |
Exports the SM2 key pair as a DER file and specifies the file name. |
The value is a string of 1 to 64 case-insensitive characters without spaces and question marks (?). |
pem file-name |
Exports the SM2 key pair as a PEM file and specifies the file name. |
The value is a string of 1 to 64 case-insensitive characters without spaces and question marks (?). |
password password |
Specifies the password for the SM2 key pair file. This password is used when you import an SM2 key pair file. |
For security purposes, a password must meet the minimum strength requirements, that is, the password needs to contain at least three types of the following characters: uppercase letters, lowercase letters, numerals, and special characters, such as exclamation points (!), at signs (@), number signs (#), dollar signs ($), and percent signs (%). |
Usage Scenario
To transfer or back up an SM2 key pair, run this command to generate a file carrying this SM2 key pair in the device storage.
Before using this command, run the display pki sm2 local-key-pair public command to view information about the SM2 key pairs on the device.
Prerequisites
The RSA key pair has been created using the pki sm2 local-key-pair create command with the exportable parameter specified or the RSA key pair has been imported to the memory using the pki import sm2-key-pair command with the exportable parameter specified.
Precautions
An SM2 key pair is sensitive information. Delete or destroy the exported SM2 key pair from your device or storage device immediately after you do not use it.
# Export the SM2 key pair key-1 to the file aaa.pem.
<sysname> system-view [sysname] pki sm2 local-key-pair create key-1 exportable Info: The name of the new key-pair will be: key-1 Generating key-pairs... [sysname] pki export sm2-key-pair key-1 pem aaa.pem password Admin@1234 Warning: Exporting the key pair impose security risks, are you sure you want to export it? [y/n]:y Info: Succeeded in exporting SM2 key pair in PEM format.