Export a public key corresponding to a stored private key. This command uses several different mechanisms for exporting the public key corresponding to a stored private key.
ykman piv keys export OPTIONS SLOT PUBLIC-KEY
Options
Description
-h, --help
Show this message and exit.
-F, --format [PEM|DER]
Encoding format.
[default: PEM]
-P, --pin TEXT
PIN code (used for --verify).
-v, --verify
Verify that the public key matches the private key in the slot.
Arguments
Description
PUBLIC-KEY
File containing the generated public key.
Use - to use stdout.
SLOT
PIV slot of the private key.
HELP
Usage: ykman.exe piv keys export [OPTIONS] SLOT PUBLIC-KEY
Export a public key corresponding to a stored private key.
This command uses several different mechanisms for exporting the public key corresponding to a stored private key, which may fail. If a
certificate is stored in the slot it is assumed to contain the correct public key. If this is not the case, the wrong public key will be
returned.
The --verify flag can be used to verify that the public key being returned matches the private key, by using the slot to create and verify a
signature. This may require the PIN to be provided.
SLOT PIV slot of the private key.
PUBLIC-KEY File containing the generated public key. Use '-' to use stdout.
Options:
-F, --format [PEM|DER] Encoding format. [default: PEM]
-v, --verify Verify that the public key matches the private key in the slot.
-P, --pin TEXT PIN code (used for --verify).
-h, --help Show this message and exit.
