getEncoded, getPrivateExponent, or getS returns null getEncoded, getPrivateExponent, or getS return key bytes outside of the HSM

Extracting keys using JCE

getEncoded, getPrivateExponent, or getS returns null

getEncoded, getPrivateExponent, and getS will return null because they are by default disabled. To enable them, refer to Key extraction using JCE.

If getEncoded, getPrivateExponent, and getS return null after being enabled, your key does not meet the right prerequisites. For more information, refer to Key extraction using JCE.

getEncoded, getPrivateExponent, or getS return key bytes outside of the HSM

You or someone with access to your system has enabled clear key extraction. See the following pages for more information, including how to reset this configuration to the default disabled state.

Warning Javascript is disabled or is unavailable in your browser.

To use the Amazon Web Services Documentation, Javascript must be enabled. Please refer to your browser's Help pages for instructions.

Document Conventions

Error seen during key availability check

HSM Throttling