Generating strong passwords for key repository protection on UNIX, Linux, and Windows

We can generate strong passwords for key repository protection using the runmqakm (GSKCapiCmd) command.

We can use the runmqakm command with the following parameters to generate a strong password:

runmqakm -random -create -length 14 -strong -fips

When using the generated password on the -pw parameter of subsequent certificate administration commands, always place double quotation marks around the password. On UNIX and Linux systems, we must also use a backslash character to escape the following characters if they appear in the password string:

!  \  "  '

When entering the password in response to a prompt from runmqckm, runmqakm or the strmqiqm GUI then it is not necessary to quote or escape the password. It is not necessary because the operating system shell does not affect data entry in these cases.

Parent topic: Work with SSL/TLS on UNIX, Linux, and Windows