Oracle Cloud Infrastructure Documentation

Downloading a Certificate Signing Request

Learn how to download a certificate signing request (CSR) for an HSM cluster in OCI Dedicated Key Management.

  • Complete the following steps to initialize the HSM cluster:

    1. On the HSM cluster list page, find the HSM cluster that you want to work with. If you need help finding the list page, see Listing HSM Clusters.
    2. From the Actions menu Actions Menu in the row of the HSM cluster, select Initialize cluster.

      Note: The Intitialize cluster option is visible only for HSM clusters that are in "Initialization required" state.

    3. Select Download CSR.
    4. Download the CSR to your local machine.
    5. Select Next to continue to the Upload certificates workflow.
      Leave the Console window open and continue the initialization operation by following the instructions in Signing the CSR.

  • Use the oci kms kms-hsm-cluster hsm-cluster download-certificate-signing-request command and required parameters to download the certificate:

    oci kms kms-hsm-cluster hsm-cluster download-certificate-signing-request --hsm-cluster-id <hsm_cluster_ocid> [OPTIONS]

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Use the DownloadCertificateSigningRequest API with the KMSHSMCLUSTER endpoint to download the certificate signing request (CSR) for the specified HSM Cluster resource.

    Note

    The HSM Cluster Endpoint is used for is used for cluster management operations including Create, Update, List, Get, and Delete. This endpoint is also called the KMSHSMCLUSTER endpoint.

    For regional endpoints for the Key Management, Secret Management, and Secret Retrieval APIs, see API Reference and Endpoints.

    For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.