IBM Global Security Kit 7.0: Managing certificates

Learn about digital certificates, managing them, and key file types and structures

Explore digital security certificates, their purpose, and how to establish and manage them correctly. This white paper will employ the IBM Global Security Kit (GSKit).


developerWorks security editors, Staff, IBM

This article is brought to you by the editors of the developerWorks Security site.

03 September 2013

IBM expert Ori Pomerantz has been securing computer networks (and showing others how to do it too) since 1995. Pomerantz joined IBM in 2003 and since then, he has written classes on several IBM security products, including IBM Security zSecure™. He is also a co-author of the IBM Press publication Mainframe Basics for Security Professionals: Getting Started with RACF, 2007. In the whitepaper, "IBM Global Security Kit 7.0: Managing certificates", Pomerantz will help you:

  • Explore digital security certificates and their purpose
  • Learn how to establish and manage certificates correctly
  • Use the IBM Global Security Kit

See Download to download the entire white paper. This summary article outlines the topics addressed in more detail in the white paper.

Why manage certificates?

Reasons to manage certificates include:

  • To protect information in transit (GSKit uses secure sockets layer)
  • To avoid man-in-the-middle attacks (SSL requires servers to present a cryptographic certificate)

What is a certificate?

Certificates are like drivers licenses. They are used to ensure the identities of participants in an information exchange. Certificates are issued by authorities (certificate authority or CA) or are self-signed (used when a certificate belongs to a certificate authority or internally within your organization).

In the whitepaper, dive deeper into:

  • The two pieces of information (keys) associated with certificates: Public and private
  • How you verify a certificate when establishing an SSL tunnel

Keys are "key" to certificates

Secure communication requires entities to store certificates—their own certificates and the keys of trusted certificate authorities. Those certificates are typically stored in key files that can be manipulated using the ikeyman utility.

In the whitepaper, learn more about:

  • Key file types:
    • Cryptographic Message Syntax
    • Java™ keystore
  • Key file structures:
    • Personal certificates
    • Personal certificate requests
    • Signer certificates

The paper will also point you to further IBM resources, IBM education assistant modules (IEA), that will show you how to use the GSKit to manage digital certificates.


White papercert_mgmt.pdf1140KB



Get products and technologies

  • Evaluate IBM products in the way that suits you best: Download a product trial, try a product online, or use a product in a cloud environment.


  • Get involved in the developerWorks Community. Connect with other developerWorks users while exploring the developer-driven blogs, forums, groups, and wikis.


developerWorks: Sign in

Required fields are indicated with an asterisk (*).

Need an IBM ID?
Forgot your IBM ID?

Forgot your password?
Change your password

By clicking Submit, you agree to the developerWorks terms of use.


The first time you sign into developerWorks, a profile is created for you. Information in your profile (your name, country/region, and company name) is displayed to the public and will accompany any content you post, unless you opt to hide your company name. You may update your IBM account at any time.

All information submitted is secure.

Choose your display name

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerWorks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

Required fields are indicated with an asterisk (*).

(Must be between 3 – 31 characters.)

By clicking Submit, you agree to the developerWorks terms of use.


All information submitted is secure.

Dig deeper into Security on developerWorks

  • Bluemix Developers Community

    Get samples, articles, product docs, and community resources to help build, deploy, and manage your cloud apps.

  • DevOps Services

    Software development in the cloud. Register today to create a project.

  • IBM evaluation software

    Evaluate IBM software and solutions, and transform challenges into opportunities.

ArticleTitle=IBM Global Security Kit 7.0: Managing certificates