Home

 

Create a new key database using the command-line interface

 

+

Search Tips   |   Advanced Search

 

A key database is a file that the server uses to store key pairs and certificates. You can use one key database for all your key pairs and certificates, or create multiple key databases.

You can create multiple key databases if we prefer to keep certificates in separate databases.

 

Create a new key database using gsk7cmd

Create a new key database...

/IBM/IHS/bin/gsk7cmd -keydb -create -db <filename> -pw <password> -type <cms | jks | jceks | pks12> -expire <days> -stash

...where...

-db filename Name of the database.
-expire <days> Number of days before password expires. This parameter is only valid for CMS key databases.
-keydb Command is for the key database.
-pw <password> Password to access the key database.
-type <cms | jks | jceks | pkcsk> Database type. IBM HTTP Server only handles a CMS key database.
-stash Stashes the password for the key database, keydb.kdb, in...

keydb.sth

Valid for CMS key databases.

Stashing the password is required for IHS.

 

Create a new key database using GSKCapiCmd

GSKCapiCmd is a manages keys, certificates, and certificate requests within a CMS key database. The tool has all of the functionality of gsk7cmd, except GSKCapiCmd supports CMS and PKCS11.

If we plan to manage key databases other than CMS or PKCS11, use gsk7cmd.

You can use GSKCapiCmd to manage all aspects of a CMS key database. GSKCapiCmd does not require Java to be installed on the system.

/IBM/IHS/bin/gsk7capicmd -keydb -create -db <name> [-pw <passwd>] [-type <cms>] [-expire <days>] [-stash] [-fips] [-strong]


 

Related concepts

Managing keys with the gsk7cmd command line interface (Distributed systems)