PingDirectory

Exporting encryption-settings definitions

The encryption-settings tool with the export subcommand provides a mechanism for exporting encryption-settings definitions.

About this task

Use the export subcommand with the encryption-settings command for the following scenarios:

  • To back up an individual definition

  • To export an individual definition from one server and import it into another

Steps

  • To export the definition to a file, use the encryption-settings tool with the export subcommand.

    The subcommand takes the following arguments.

    --id <id>

    Specifies the ID to export for the encryption-settings definition.

    You can specify this argument multiple times. If it’s omitted, all definitions are exported.

    --output-file <path>(required)

    Specifies the path to the output file to write the encryption-settings definition.

    --pin-file <path>

    Specifies the path to a PIN file containing the password to use to encrypt the contents of the exported definition.

    If this argument isn’t provided, then the PIN is interactively requested from the server.

    Example:

    $ bin/encryption-settings export --id F635E109A8549651025D01D9A6A90F7C9017C66D \
      --output-file /tmp/exported-key
    Enter the PIN to use to encrypt the definition:
    Re-enter the encryption PIN:

    Result:

    Successfully exported encryption settings definition
    F635E109A8549651025D01D9A6A90F7C9017C66D to file /tmp/exported-key