security key-manager external show

Show the set of configured external key management servers

Availability: This command is available to cluster and Vserver administrators at the admin privilege level.

Description

This command displays the external key management servers configured on the cluster for a given Vserver. No entires are displayed when external key management is not enabled for the given Vserver.

Parameters

{ [-fields <fieldname>, ...]
If you specify the -fields <fieldname>, ... parameter, the command output also includes the specified field or fields. You can use '-fields ?' to display the fields to specify.
| [-instance ]}
If you specify the -instance parameter, the command displays detailed information about all fields.
[-vserver <vserver name>] - Vserver Name
If you specify this parameter, then the command displays the key management servers for only the given Vserver.
[-key-server <text>] - Key Server Name with port
If you specify this parameter, then the command displays only the given key management server with the given host name or IP address listening on the given port.
[-client-cert <text>] - Name of the Client Certificate
If you specify this parameter, then the command displays only the key management servers using a client certificate with the given name.
[-server-ca-certs <text>, ...] - Names of the Server CA Certificates
If you specify this parameter, then the command displays only the key management servers using server-ca certificates with the given names.
[-timeout <integer>] - Server I/O Timeout
If you specify this parameter, then the command displays only the key management servers using the given I/O timeout.
[-username <text>] - Authentication User Name
If you specify this parameter, then the command displays only the key management servers using the given authentication username.

Examples

The following example lists all configured key management servers for all Vservers:

cluster-1::> security key-manager external show

                  Vserver: datavs
       Client Certificate: datavsClientCert
   Server CA Certificates: datavsServerCaCert1, datavsServerCaCert2

Key Server
--------------------------------------------
keyserver.datavs.com:5696

                  Vserver: cluster-1
       Client Certificate: AdminClientCert
   Server CA Certificates: AdminServerCaCert


Key Server
--------------------------------------------
10.0.0.10:1234
fd20:8b1e:b255:814e:32bd:f35c:832c:5a09:1234
ks1.local:1234
4 entries were displayed.

        

The following example lists all configured key management servers with more detail, including timeouts and usernames:

cluster-1::> security key-manager external show -instance

                  Vserver: datavs
       Client Certificate: datavsClientCert
   Server CA Certificates: datavsServerCaCert1, datavsServerCaCert2
               Key Server: keyserver.datavs.com:5696
                  Timeout: 25
                 Username: datavsuser

                  Vserver: cluster-1
       Client Certificate: AdminClientCert
   Server CA Certificates: AdminServerCaCert
               Key Server: 10.0.0.10:1234
                  Timeout: 25
                 Username:

                  Vserver: cluster-1
       Client Certificate: AdminClientCert
   Server CA Certificates: AdminServerCaCert
               Key Server: fd20:8b1e:b255:814e:32bd:f35c:832c:5a09:1234
                  Timeout: 25
                 Username:

                  Vserver: cluster-1
       Client Certificate: AdminClientCert
   Server CA Certificates: AdminServerCaCert
               Key Server: ks1.local:1234
                  Timeout: 45
                 Username:
4 entries were displayed.