Certificate management using iKeyman prior to SSL

Certificate management using iKeyman prior to SSL

Starting in WAS v6.1, we can manage the certificates from the console. When using versions of WAS prior to Version 6.1, use iKeyman for certificate management. iKeyman is a key management utility.
WebSphere Application Server certificate management requires defined the keystores in the WAS configuration. With iKeyman, we need access to the keystore file only. We can read a keystore file with personal certificates and signers created in iKeyman. A keystore file can be read into the WAS configuration using the createKeyStore command.
The majority of certificate management functions are the same between WebSphere Application Server and iKeyman, especially for personal certificates and signer certificates. However, certificate requests are special. The underlying behavior is different in the two certificate management schemes. Because of the different behavior, when a certificate request is generated from iKeyman, the process must be completed in iKeyman. For example, a certificate that is generated by a certificate request that originated in iKeyman must be received in iKeyman as well.
The same is true for WebSphere Application Server. For example, when a certificate is generated from a certificate request that originated in WebSphere Application Server, the certificate must be received in WebSphere Application Server.
We can perform the following certificate operations using iKeyman:

Types of certificates Functions Description
Personal certificates Create a self-signed certificate Creates a self-signed certificate and stores it in a keystore.

List personal certificates Lists all the personal certificates in a keystore.

Get information about a personal certificate Gets information about a personal certificate.

Delete a personal certificate Delete a personal certificate from a keystore.

Import a certificate Imports a certificate from a keystore to a keystore.

Export a certificate Exports a certificate from a keystore to another keystore.

Extract a certificate Extract the signer part of a personal certificate to a file.

Receive a certificate Reads a certificate that comes from a certificate authority (CA) into a keystore.
Signer certificates Add a signer certificate Add a signer certificate from a file to a keystore.

List signer certificates Lists all the signer certificates in a keystore.

Get information about a signer certificate Gets information about a signer certificate.

Delete a signer certificate Delete a signer certificate from a keystore.

Extract a signer certificate Extract a signer certificate from a keystore, and stores the certificate in a file.
Certificate requests Create a certificate request Creates a certificate request that can be sent to a CA.

List certificate requests Lists the certificate requests in a keystore.

Get information about a certificate request Gets information about a certificate request.

Delete a certificate request Delete a certificate request from a keystore.

Extract a certificate request Extract a certificate request to a file.

Related concepts

Certificate management in SSL

Related tasks

Create a keystore configuration for a preexisting keystore file

Types of certificates	Functions	Description
Personal certificates	Create a self-signed certificate	Creates a self-signed certificate and stores it in a keystore.
	List personal certificates	Lists all the personal certificates in a keystore.
	Get information about a personal certificate	Gets information about a personal certificate.
	Delete a personal certificate	Delete a personal certificate from a keystore.
	Import a certificate	Imports a certificate from a keystore to a keystore.
	Export a certificate	Exports a certificate from a keystore to another keystore.
	Extract a certificate	Extract the signer part of a personal certificate to a file.
	Receive a certificate	Reads a certificate that comes from a certificate authority (CA) into a keystore.
Signer certificates	Add a signer certificate	Add a signer certificate from a file to a keystore.
	List signer certificates	Lists all the signer certificates in a keystore.
	Get information about a signer certificate	Gets information about a signer certificate.
	Delete a signer certificate	Delete a signer certificate from a keystore.
	Extract a signer certificate	Extract a signer certificate from a keystore, and stores the certificate in a file.
Certificate requests	Create a certificate request	Creates a certificate request that can be sent to a CA.
	List certificate requests	Lists the certificate requests in a keystore.
	Get information about a certificate request	Gets information about a certificate request.
	Delete a certificate request	Delete a certificate request from a keystore.
	Extract a certificate request	Extract a certificate request to a file.