This assumes you have reviewed IBM GSKit (Global Security Kit) - Getting Started (command line) or IBM iKeyman - Getting Started (GUI) and that you have created a key database and there is a certificate in the key database.
GSKit (command line)
The -export and -target options can be used to export a certificate from the key database. If the certificate being exported contains a private key, the private key will also be exported. Exporting does not remove or delete the certificate from the key database.
In this example, the "default" certificate (and private key if there is a private key) in example.kdb is exported to example.p12. OpenSSL can then be used to work with the example.p12 file.
ihs_home/gsk8/bin/gsk8capicmd_64 \ -cert \ -export \ -db /path/to/example.kdb \ -stashed or -pw your_password \ -label "certificate_name" \ -target "example.p12" \ -target_pw "any password"
Highlight the certificate you want to export and select Export/Import. In the dialog box that appears, ensure Export Key is selected and select OK. In this example, the certificate will be exported to a file named key.kdb.