Locating the keystore for a Db2 database

You can use a database manager configuration parameter to locate the encryption keystore for a Db2 database on IBM Software Hub.

About this task

The keystore is used for Db2 native encryption for data at rest. You might need to know the keystore location if you are performing a backup of the database with the intention of restoring it on a different deployment. You can also back up the keystore separately and not necessarily as part of a restore operation.

Procedure

  1. Run the exec command on the Db2 pod. For more information, see Exec into the Db2 pod.
  2. Switch to the Db2 instance owner: 
    su - ${DB2INSTANCE}
  3. Find the KEYSTORE_LOCATION database manager configuration parameter: 
    db2 get dbm cfg | grep KEYSTORE_LOCATION

    The command returns a value that is similar to the following example:

    Keystore location   (KEYSTORE_LOCATION) = /mnt/blumeta0/db2/keystore/keystore.p12