IBM Global Security Kit (GSKit)

Home > Search

GSKit is a collection of tools used for cryptography to the manage SSL components used by IBM products. The GSKit command line tools are installed along with certain IBM products, such as IBMs IHS web server. GSKit cannot be installed as a stand alone tool. For example, on Linux, the GSKit command line tool is located at:



The gsk8capicmd_64 command may not be configured to know what directory contains the GSKit library files. For this reason, you'll probably need to set the LD_LIBRARY_PATH.

export LD_LIBRARY_PATH=/path/to/gsk8/lib
export PATH=$PATH:/path/to/gsk8/bin


IBM products that use GSKit will store keys in a file with the .kdb (key database) extension. There may also be files with the .crl, .rdb, and .sth (stored password file) extensions as well. You can then list the certificates in a key database. In this example, there are two certificates in the database (default and example).

~]# was_home/gsk8/bin/gsk8capicmd_64 -cert -list -db /path/to/example.kdb -pw your_password
* default
- example


Once you know the list of certificates in the key database, you can view the details of a specific certificate.

~]# was_home/gsk8/bin/gsk8capicmd_64 -cert -details -db /path/to/example.kdb -stashed -label "certificate_name"


Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter in the box below so that we can be sure you are a human.