ADC CLI Commands

ssl-hsmKey

The following operations can be performed on “ssl-hsmKey”:

add show rm

add ssl hsmKey

Add HSM Key.

Synopsis

add ssl hsmKey \[-hsmType ] \[-key | -serialNum ] {-password } \[-keystore ]

Arguments

hsmKeyName hsmType Type of HSM.

Possible values: THALES, SAFENET, KEYVAULT Default value: THALES

key Name of the key. optionally, for Thales, path to the HSM key file; /var/opt/nfast/kmdata/local/ is the default path. Applies when HSMTYPE is THALES or KEYVAULT. Maximum value: 63

serialNum Serial number of the partition on which the key is present. Applies only to SafeNet HSM. Maximum value: 16

password Password for a partition. Applies only to SafeNet HSM.

keystore Name of keystore object representing HSM where key is stored. For example, name of keyvault object or azurekeyvault authentication object. Applies only to KEYVAULT type HSM.

Example

add ssl hsmkey rsa1 key_simple_rsa1

show ssl hsmKey

Displays lists of all the HSM Keys Added on the Citrix ADC.

Synopsis

show ssl hsmKey []

Arguments

hsmKeyName Name of the HSM Key for which to show detailed information.

Output

hsmType Type of the HSM key.

key Name of the key in HSM

serialNum SerialNum of a partition on which Safenet key is present.

keystore Store where key recides

state Current state of key

devno count stateflag

Example

An example of output of ‘show ssl hsmkey’ command is as shown below: sh ssl hsmkey 1 SSL HSM key: 1)SSL HSM Key Name: key_simple_rsa1

rm ssl hsmKey

Removes the specified HSM key, from the HSM Appliance.

Synopsis

rm ssl hsmKey [-hsmType ] [-serialNum ] {-password }

Arguments

hsmKeyName Name of the HSMKEY.

hsmType Type of the HSMKEY.

Possible values: THALES, SAFENET, KEYVAULT Default value: THALES

serialNum SerialNum of a partition on which Safent HSMKey is present. Maximum value: 16

password Password of a partition on which SafeNet HSMkey is present.

Example

rm hsmkey key_simple_rsa1

ssl-hsmKey