Generating Keys
Learn how to generate keys with the Dedicated KMS user management utility.
As a Crypto User, you can use the commands in this topic to generate symmetric and asymmetric keys.
Important
Ensure users are synchronized across all replicas before creating keys. Use the listUsers command to verify user presence on all replicas. If users aren't synchronized, use the syncUser command.
Ensure users are synchronized across all replicas before creating keys. Use the listUsers command to verify user presence on all replicas. If users aren't synchronized, use the syncUser command.
Symmetric keys:
genSymKey
Asymmetric keys
genECCKeyPair-
genRSAKeyPair
Note
When generating keys, set -min_srv to 3 (matching the number of replicas in the HSM cluster). This ensures key creation succeeds only if the key is created on all partitions.
When generating keys, set -min_srv to 3 (matching the number of replicas in the HSM cluster). This ensures key creation succeeds only if the key is created on all partitions.