zkey remove

Use the zkey remove command to remove encryption keys from the local repository, and optionally set a new key state for the key in the key-management system.

Figure 1. zkey remove syntax

1  zkey
rem -N <key_name>
1? -s<state>
2? -F
where:
-N or --name <key_name>
Specifies the key name of the secure key.
-s, --state <state>
Specifies the new state for the key on the key-management system server after removing the secure key from the local secure key repository. Possible states are DEACTIVATED, COMPROMISED, DESTROYED, and DESTROYED-COMPROMISED.

The default is to remove the key from the local secure key repository, but leave the state in the key-management system unchanged.

-F or --force
Forces the removal of the key

Example

  • To remove the secure key named seckey from the repository and set the state of the key to DEACTIVATED in the key-management system:
    # zkey remove --name seckey --state DEACTIVATED