ADMINISTERING
Exports the content of a credential store, shared keys from a credential store, named encryption key from a server ID file, all Domain Keys Identified Mail (DKIM) documents, or a DKIM key.
Details
Use this command to:
To export the content of a credential store, enter the following command from the server on which it resides:
keymgmt export credstore <database> <target_server>
where
Any encrypted document in the credential store is decrypted with the name encryption key and encrypted with the target server's public key before being put in the database.
For example:
keymgmt export credstore credstorecopy.nsf hubserver/renovations
Syntax: Export a named encryption key
To export a named encryption key from a server ID file and save it in a file in the server program directory, enter the following command:
keymgmt export nek <nekname> [overwrite] <nekname>.key <password>
where <nekname> is the name of the key, <nekname>.key is the name of the key file, and <password> is a password for the key file.
keymgmt export nek credstorekey credstorekey.key passw0rd
When exporting a named encryption key, if a key with that name already exists in the specified file, use the overwrite argument to replace it with the new key, for example:
keymgmt export nek credstorekey overwrite credstorekey.key passw0rd
Syntax: Export shared encryption keys
To export shared encryption keys used for DAOS object encryption from a credential store to prepare to import them into another credential store, enter the following command:
keymgmt export sharedkey <database> <servername>
<database> is the file name of a database in which to export the shared keys. The database is created in the local IBM_Credstore directory.
<servername> is the hierarchical name of a server that uses the target credential store which you will use to import the shared keys. Only this server can be used to import the shared keys to the target credential store.
For example, to export shared keys to the local database exportdb.nsf that will be imported into target credential store via the server App1/Renovations, enter the following command:
keymgmt export sharedkey exportdb.nsf Apps1/Renovations
Syntax: Export DKIM documents
To export just the DKIM documents in the credential store to a database file encrypted for a server, enter the following command. You might do this to move DKIM keys to another credential store. After exporting, use the keymgmt import credstore to import them into another credential store.
EXPORT DKIM <exportFile> <serverName>
<exportfile> is the file name of a database in which to export the DKIM documents. The database is created in the local IBM_Credstore directory.
<servername> is the hierarchical name of a server that uses the target credential store on which to store the file.
For example, to export DKIM documents to the local database dkimdb.nsf on the server Mail1/Renovations, enter the following command:
keymgmt export dkimdb.nsf Mail1/Renovations
Syntax: Export a DKIM key
After you use the keymgmt create DKIM command to create DKIM signing keys in the credential store, run the following command to create a .txt file in the Domino data directory that contains the DNS TXT record with the key. You use the .txt file to add the DNS TXT record to your DNS domain settings.
keymgmt export DKIM DNS <domain> <selector> <dkimdnsfile>
where:
keymgmt export DKIM DNS renovations.com 12345 dkimdns.txt
Parent topic: List of server commands and syntax
Related concepts Configuring DKIM signing for messages routed to external Internet domains Using a console to send commands to a server Using a shared key to encrypt DAOS objects across servers
Related tasks Using a credential store to store credentials
Related reference Keymgmt Create Keymgmt Import