mrhsm remove
Removes specified components of the KMIP configuration.
mrhsm remove
command to remove various components of the KMIP configuration or to set them to their
default values. Syntax
# mrhsm remove
[ -cacert ] Remove configured CA certificate
[ -clientcert ] Remove configured client certificate
[ -clientkey ] Remove configured client private key
[ -ip ] Remove IP addresses
[ -kmipversion ] Remove KMIP version. Reverts to 1.1
[ -port ] Remove KMIP port number. Reverts to 5696.
-sopin <so-pin> PIN for SO (Security Officer)
Parameters
- cacert
-
The full or relative path name of the CA certificate chain in PEM format used to sign the KMIP server certificate. The Data Fabric KMIP client enforces peer validation and requires the CA certificate chain to verify the KMIP server.
- clientcert
-
The full or relative path name of the client certificate in PEM format.
- clientkey
-
The full or relative path name of the client private key used to generate the client CSR.
- ip
- A comma-separated list of host names or IP addresses of KMIP servers. Most KMIP deployments have at least two KMIP servers in the HSM cluster for reliability and high availability.
- kmipversion
-
The KMIP version to use when communicating with the external KMIP -enabled key management appliance. Supported values are 1.0, 1.1, 1.2, 1.3 and 1.4
- port
- The listening port number of the KMIP
server. All KMIP
servers in the HSM cluster must listen
to the same port. Port numbers must be from 1-65535 inclusive and cannot start with a 0.
Default is
5696
. - sopin
- The PIN for the Security Officer.