Key Generation and Storage
Key generation can be accomplished using either an application
called
ikeyman
or using the JCE APIs. The ikeyman
application allows you to generate key pairs and
store them in different keystore type files or on the hardware device
if the device allows this. The JCE APIs allow you to generate key
pairs and then at the discretion of the application also store them
in a keystore file. Also, some hardware devices ship applications
that allow users to generate keys. This provider contains a keystore
of type PKCS11IMPLKS (see Keystores
for IBMPKCS11Impl for more information about this keystore). Note: In 6 and later,
ikeyman
requires the IBMPKCS11Impl
provider, not the IBMPKCS11 provider. See the ikeyman
documentation for more information.