Documentation

kes key rm

Overview

Remove a key from the KES server.

Removing a Secret key prevents decrypting any cryptographic keys derived using that Secret key, which in turn prevents decrypting any objects encrypted with those cryptographic keys.

Removing a Secret Key renders all data encrypted using that key permanently unreadable.

Syntax 

kes key rm                \
        <name>            \
        [--insecure, -k]

Parameters

name

Required

The name of the existing key to remove. To remove more than one key, separate each key with a space.

--insecure, -k

Optional

Directs the command to skip x.509 certificate validation during the TLS handshake with the KES server. This allows connections to KES servers using untrusted certificates (i.e. self-signed or issued by an unknown Certificate Authority).

MinIO strongly recommends against using this option in production environments.

Examples

Remove a key:

kes key rm my-key

Remove two keys at the same time:

kes key rm my-key1 my-key2