Skip to main content

By clicking Submit, you agree to the developerWorks terms of use.

The first time you sign into developerWorks, a profile is created for you. Select information in your profile (name, country/region, and company) is displayed to the public and will accompany any content you post. You may update your IBM account at any time.

All information submitted is secure.

  • Close [x]

The first time you sign in to developerWorks, a profile is created for you, so you need to choose a display name. Your display name accompanies the content you post on developerworks.

Please choose a display name between 3-31 characters. Your display name must be unique in the developerWorks community and should not be your email address for privacy reasons.

By clicking Submit, you agree to the developerWorks terms of use.

All information submitted is secure.

  • Close [x]

Select a language:

  • Close [x]
  • Close [x]

Managing certificates with IBM GSKit

An easy guide to creating, signing, installing, and using certificates with IBM Global Security Kit

Alexei Kojenov (kojenova@us.ibm.com), Advisory Software Engineer, IBM
Photo of Alexei Kojenov
Alexei Kojenov has been a member of the Tivoli Storage Manager (TSM) development team since 2000. In the last several years, his primary focus has been on the security features of the product. He participated in implementation of AES encryption and SSL support in TSM using GSKit. He has extensive knowledge of secure programming and other security practices. He is also the lead Linux developer for TSM client.

Summary:  This tutorial explains how to set up and use IBM Global Security Kit (GSKit) for typical certificate management tasks such as self-signed certificate generation, creation of a Certificate Authority (CA), requesting a certificate from a third-party CA, and installing certificates for use in SSL protocols.

Date:  06 Nov 2012
Level:  Intermediate
PDF:  A4 and Letter (265 KB | 15 pages)Get Adobe® Reader®

Activity:  7513 views
Comments:  

Before you start

This tutorial describes how to use IBM GSKit and OpenSSL tools for common certificate management tasks. It is not a general tutorial on public key cryptography, X.509 certificates, or SSL/TLS.

About this tutorial

IBM Global Security Kit (GSKit) is a common component that is used by a number of IBM products for its cryptographic and SSL/TLS capabilities. While each product provides some minimal documentation on how to use GSKit, this tutorial provides a comprehensive, product neutral tutorial on how to perform common certificate management tasks.

The tasks in this tutorial are described with a command-line approach to ensure they can be incorporated into automation scripts.

Back to top

Objectives

In this tutorial, you learn how to locate and set up the GSKit command-line utility, how to create different kinds of digital certificates, how to set up your own Certificate Authority and sign certificates, as well as how to install, use, and switch between certificates.

Back to top

Prerequisites

This tutorial is written for system administrators, security specialists, and developers who use IBM products containing GSKit.

Back to top

System requirements

You need an IBM product that includes GSKit version 7 or 8. You generally do not need administrative or root access to the system unless you need to install optional OpenSSL software. However, you need read and write access to the certificate key database of your product, which can require administrative or root privileges.

1 of 10 | Next

Comments

Back to top

static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=Security
ArticleID=843404
TutorialTitle=Managing certificates with IBM GSKit
publish-date=11062012
author1-email=kojenova@us.ibm.com
author1-email-cc=cspowers@us.ibm.com

Table of contents

1 of 10 | Next

Next steps from IBM

WebSphere Portal can help your small and midsize business achieve better website security, along with faster time to value with easily deployable and customizable example Web sites.

Dig deeper into Security on developerWorks

IBM SmartCloud trial. No charge.

IBM PureSystems on a kaleideoscope background

Unleash the power of hybrid cloud computing today!

Public and private solutions in one trial.

Share this page:

  • Close [x]

Follow developerWorks:

  • Close [x]