Home
Managing keys with the native key database gskkyman (z/OS systems)
Use the native z/OS key management (gskkyman key database) support for key management tasks.
To have a secure network connection, create a key for secure network communications and receive a certificate from a certificate authority (CA) that is designated as a trusted CA on your server.
IHS on z/OS does not support ikeyman or gsk7cmd.
Use gskkyman to create key databases, public and private key pairs, and certificate requests. If we act as your own CA, you can use gskkyman to create self-signed certificates. If we act as our own CA for a private Web network, you have the option to use the server CA utility to generate and issue signed certificates to clients and servers in your private network.
You cannot use gskkyman for configuration options that update the httpd.conf configuration file.
- To use native z/OS key management (gskkyman) tasks, refer to Cryptographic Services PKI Services Guide and Reference document (SA22-7693). Link to this document from the z/OS Internet Library.
- A typical task that this document contains is using a gskkyman key database for your certificate store. See section "Appendix B. Using a gskkyman key database" for a description of how to use gskkyman.
- Important: The certificate requests that gskkyman generates for use with IBM HTTP Server should use RSA keys and not DSA keys.
Related tasks
Securing with SSL communications
Related information