This assumes you have reviewed Getting Started with IBM Global Security Key (GSKit).
The -cert and -list options can be used to view the certificates and keys in a Key Database. In this example, "all" certificates in the Key Database file are listed. Instead of all, you could also use "personal" or "CA".
${install_root}/gsk8/bin/gsk8capicmd_64 -cert -list -db /path/to/example.kdb -stashed
If the key database does not contain any certificates or keys, the following will be displayed.
No certificates were found.
In this example, there are two certificates in the database (default and example). Be aware that line 2 is a key or legend, that simply defines certain special characters used to identiy an entry as a default, personal, or trusted certificate, or as a private key.
Certificates found
* default, - personal, ! trusted, # secret key
- my_root_ca
- my_intermediate_certificate
*- my_server_certificate
The -validate flag can then be used to determine if the certificates in the Key Database are valid.
~]# ${install_root}/gsk8/bin/gsk8capicmd_64 -cert -validate -db /path/to/example.kdb -stashed
my_root_ca : OK
my_intermediate_certificate : OK
my_server_certificate : OK
Did you find this article helpful?
If so, consider buying me a coffee over at