Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.


Command: policy purge (experimental)


Code Block
ods-ksmutil policy purge

Delete all policies and associated keys if there are no zones currently using the policy. This command should be used with caution and it is recommended to backup your database before using it.


List information about keys in zone.


Code Block
Pre 1.3.17:
--zone <zone> | --all             aka -z / -a
(will appear soon
1.3.17 and later:
[--keystate <state>]   verbose]           aka -e [--keytype <type>]                aka -tv
[--dszone <zone>]                          aka -z
 aka -d[--keystate <state>| --all]      )
        aka -e / -a
[--keytype <type>]                       aka -t

By default:

  • keys for all zones are listed when using  'ods-ksmutil key list' 
  • the 'ods-ksmutil key list' command does not list keys in the GENERATE or DEAD state. 

In 1.3.17 the command was extended to support filters on key state and key type.

  • The --all option now results in a listing of keys in all key states, including GENERATE and DEAD

Command: key export

Code Block
ods-ksmutil key export