Open a cryptographic token using iKeyman
Overview
You can use the key management utility to open a cryptographic token. Once opened, you can manage your keys and certificates just like you do with keystore and truststore files:
- Create a self-signed digital certificate
- Add certificate authority (CA) roots as a signer certificate
- Request and receive a digital certificate from a CA
Identify the token library. For example, the IBM 4758 PCI Cryptographic Card uses CRYPTOKI.DLL as the PKCS#11-type token library
Procedure
- Start the key management utility, if it is not already running.
- Click...
Key DataBase File | Open | Cryptographic Token
- Fill in the information for File Name and Location, or browse for the cryptographic device library.
- Click OK to open the library.
- Type in the slot number
- Enter the password.
Results
All of the personal and signer certificates are stored on the cryptographic token card. With the token open, you can create or request digital certificates and receive CA-signed certificates.
Example
What to do next
Once the cryptographic token is open, you can add or delete keys and certificates. Configure the cryptographic token settings in WebSphere Application Server.
iKeymanDocs.zip
Configuring to use cryptographic tokens
Managing digital certificates
Cryptographic token support