IBM Global Security Kit (GSKit) - Create a self signed certificate and private key
by
Jeremy Canfield |
Updated: May 15 2024
| IBM Global Security Kit (GSKit) articles
Let's say you have a key database file named key.kdb.
ls -l /shared/qmgrs/MANAGER01/ssl/
-rw------- 1 root root 1415 Jun 4 2020 key.kdb
The -create option can be used to create a self-signed certificate in the key database file. In this example, the name of the certificate will be "example.com". After the self signed certificate has been created, you can then use the -list option to list the certificates in the key database and use the -details option to view the details of the self signed certificate.
${install_root}/gsk8/bin/gsk8capicmd_64
-cert
-create
-db /path/to/key.kdb
-stashed or -pw your_password
-label "example.com"
-dn "cn=your_hostname,o=your_domain"
-size 2048
-sigalg SHA512WithRSA
-expire 365
-default_cert yes
Did you notice that this command creates the private key, certificate signing request, and the public certificate? For example, 2048 is the size of the private key and 365 is when the public certificate expires.
Did you find this article helpful?
If so, consider buying me a coffee over at