Generating strong passwords for key repository protection on UNIX, Linux, and Windows

We can generate strong passwords for key repository protection using the runmqakm (GSKCapiCmd) command.

We can use the runmqakm command with the following parameters to generate a strong password:

runmqakm -random -create -length 14 -strong -fips

When using the generated password on the -pw parameter of subsequent certificate administration commands, always place double quotation marks around the password. On UNIX and Linux systems, you must also use a backslash character to escape the following characters if they appear in the password string:

!  \  "  '

When entering the password in response to a prompt from runmqckm, runmqakm or the iKeyman GUI then it is not necessary to quote or escape the password. It is not necessary because the operating system shell does not affect data entry in these cases.