pki export rsa-key-pair
Function
The pki export rsa-key-pair command exports the RSA key pair to the flash and allows the export of the associated certificate.
Format
pki export rsa-key-pair key-name [ and-certificate certificate-name ] { pem file-name [ 3des | aes | des ] | pkcs12 file-name } password password
Parameters
Usage Guidelines
Usage Scenario
To transfer or back up an RSA key pair, run this command to generate the PEM or PKCS12 file carrying this RSA key pair (which may include the certificate) in the flash.
Before using this command, run the display pki rsa local-key-pair command to view information about the RSA key pairs on the device.
Prerequisites
The RSA key pair has been created and configured to be exportable using the pki rsa local-key-pair create command or the RSA key pair has been imported to the memory using the pki import rsa-key-pair command.
Precautions
The RSA key pair is sensitive information. Delete and destroy the exported RSA key pair on the device or storage device immediately after you do not need it.
Example
# Export the RSA key pair key1 to the file aaa.pem and set the encryption method to AES.
<AC6605> system-view [AC6605] pki rsa local-key-pair create key1 exportable Info: The name of the new key-pair will be: key1 The size of the public key ranges from 512 to 2048. Input the bits in the modules:2048 Generating key-pairs... ......+++ ....................+++ [AC6605] pki export rsa-key-pair key1 pem aaa.pem aes password Admin@1234 Warning: Exporting the key pair impose security risks, are you sure you want to export it? [y/n]:y Info: Succeeded in exporting the RSA key pair in PEM format.
