FreeKB - IBM Global Security Kit (GSKit) Export certificate private key from a Key Database file
IBM Global Security Kit (GSKit) - Export certificate private key from a Key Database file

Let's say you have a key database file named key.kdb.

ls -l /shared/qmgrs/MANAGER01/ssl/

-rw------- 1 root root 1415 Jun  4  2020 key.kdb

 

Let's say key.kdb contains a certificate named "example.com". Notice example.com is flagged as * (default) and - (personal). This is important. More on this in a moment. Read on.

Certificates found
* default, - personal, ! trusted, # secret key
*- example.com

 

The -export option can be used to extract the example.com certificate from key.kdb. In this example, the example.com certificate is extracted into a file named example.com.p12.

${install_root}/gsk8/bin/gsk8capicmd_64
-cert
-export
-db /path/to/key.kdb
-stashed or -pw your_password
-label "example.com"
-target "example.com.p12"
-target_pw "any password"

 

To add the certificate to a key database file, the -import option must be used. When using -import, the certificate will be "personal" in the kdb, like this.

If you want the certificate to be "trusted", instead of using the -extract option, you will use the -export option and then the -add option.

Certificates found
* default, - personal, ! trusted, # secret key
- example.com

 



Add a Comment




We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.




Please enter d3680 in the box below so that we can be sure you are a human.




Comments

Web design by yours truely - me, myself, and I   |   jeremy.canfield@freekb.net   |