gskkyman can be run from either a rlogin z/OS
shell environment or from the OMVS shell command-line environment.
The examples that follow were performed from the rlogin environment.
If you use the OMVS shell command-line environment, the only difference
is that all input will be done at the command prompt at the bottom
of the screen.
These tasks will be performed in this topic:
- Creating, opening, and deleting a key database file
- Changing a key database password
- Storing an encrypted key database password
- Creating, opening, and deleting a z/OS® PKCS
#11 token
- Creating a self-signed server or client certificate
- Creating a certificate request and processing the signed request
- Creating a certificate to be used with Diffie-Hellman key exchange
(key database only)
- Managing keys and certificates:
- Show certificate/key information
- Marking a certificate (and private key) as the default certificate
for the key database
- Copying a certificate (and private key) to a different key database
or z/OS PKCS #11 Token:
- Copying a certificate without its private key
- Copying a certificate with its private key
- Copying a certificate with its private key to a key database on
the same system
- Copying a certificate with its private key to another z/OS PKCS #11 token or key
database on the same system
- Removing a certificate (and private key) from a key database or z/OS PKCS #11 token
- Changing a certificate label
- Importing a certificate from a file as a trusted CA certificate
- Importing a certificate from a file with its private key
- Using gskkyman to be your own certificate authority (CA)
(key database only)
- Migrating key database files to RACF® key
rings (key database only)
- Migrating key database files to z/OS PKCS
#11 Tokens
z/OS Cryptographic Services System SSL Programming
Copyright IBM Corporation 1990, 2014