Oracle Cloud Infrastructure Documentation

Retrieving the Public Key for an Asymmetric Master Encryption Key

Learn how to retrieve the public key of an RSA or ECDSA key.

    1. On the Master Encryption Keys list page, find the key that you want to work with. If you need help finding the list page, see Listing Keys.
    2. Select the name of the key
    3. In the list of key versions, find the key for which you want to view the public key, select the Actions menu (three dots), and then select View Public Key.
    4. Do one of the following:

      • To copy the contents of the public key, select Copy. The contents of the public key are copied to your clipboard.

      • To download the public key, select Download. The file is automatically downloaded to your local computer.

    5. When you're finished, select Close.

  • Use the oci kms management key-version get command to retrieve the public key of an asymmetric key.

    oci kms management key-version get --key-id <key_OCID> --key-version-id <keyversion_OCID> --endpoint <management_endpoint>

    For a complete list of parameters and values for CLI commands, see the CLI Command Reference.

  • Use the GetKeyVersion API with the Management Endpoint to get the public key in PEM format for RSA and ECDSA keys.

    Note

    The Management Endpoint is used for management operations including Create, Update, List, Get, and Delete. The Management Endpoint is also called the control plane URL or the KMSMANAGEMENT endpoint.

    The Cryptographic Endpoint is used for cryptographic operations including Encrypt, Decrypt, Generate Data Encryption Key, Sign, and Verify. The Cryptographic Endpoint is also called the data plane URL or the KMSCRYPTO endpoint.

    You can find the management and cryptographic endpoints in a vault's details metadata. See Getting a Vault's Details for instructions.

    For regional endpoints for the Key Management, Secret Management, and Secret Retrieval APIs, see API Reference and Endpoints.

    For information about using the API and signing requests, see REST API documentation and Security Credentials. For information about SDKs, see SDKs and the CLI.