Exporting a certificate from a key repository on IBM i

Exporting a certificate exports both the public and private key. This action should be taken with extreme caution, since passing on a private key would completely compromise your security.

1. Access the DCM interface, as described in Accessing DCM.
2. In the navigation panel, click Select a Certificate Store.
   The Select a Certificate Store page is displayed in the task frame.
3. Select the certificate store you want to use and click Continue.
4. Optional: If you selected *SYSTEM in step 3, enter the system store password and click Continue.
5. Optional: If you selected Other System Certificate Store in step 3, in the Certificate store path and filename field, type the IFS path and file name you set when you created your certificate store and type a password in the Certificate Store Password field. Then click Continue
6. In the Manage Certificates task category in the navigation panel, click Export Certificate.
   The Export a Certificate page is displayed in the task frame.
7. Select the radio button for your certificate type and click Continue.
   Either the Export Server or Client Certificate page or the Export Certificate Authority (CA) Certificate page is displayed in the task frame.
8. Select the certificate you want to export.
9. Select the radio button to specify whether you want to export the certificate to a file or directly into another certificate store.
10. If you selected to export a server or client certificate to a file, provide the following information:
    • The path and file name of the location where you want to store the exported certificate.
    • For a personal certificate, the password that is used to encrypt the exported certificate and the target release. For CA certificates, you do not need to specify the password.
11. If you selected to export a certificate directly into another certificate store, specify the target certificate store and its password.
12. Click Continue.