...
IBM uses the concept of a Key Database File to protect the certificate private key. The first step is to create an empty key database file using the Key Management Utility ,also known as iKeyman.
- Key Database File
- New
- Key database type = CMS (can explain more about the format... later but CMS if standard)
- File Name = krypton.kdb
- Browser... = C:\opt\IBMIHS\keys\
...
| Info |
|---|
Stashing the password will keep the password with IHS. This means that IHS will be able to be stopped and started without requiring you to enter in the password to the key database file every time. |
Generate CSR for Web Server
Confirm your key database file is loaded. IBM Key Management screen The iKeyman window should now show,
DB-Type: CMS
File Name: C:\opt\IBMIHS\keys\krypton.kdb
Next generate the CSR as follows,
- In the middle of the iKeyman Window locate a section called Key database content.
- Change the Key database content drop down from the default, Signer Certificates to Personal Certificate Requests.
- Create
- New Certificate Request...
...
| Panel |
|---|
A new certificate reqweuest has been successfully created in the file: C:\opt\IBMIHS\keys\krypton.arm. You must send the file to a certification authority to request a certificate. |
Copy the You will now see your certificate request as an item in the Key database content section.
You can now exit iKeyman.
Copy the arm file and send it to your Certificate Authority.
...