Key Generation and Storage

Key generation can be accomplished using either an application called ikeyman or using the JCE APIs. The ikeyman application allows you to generate key pairs and store them in different keystore type files or on the hardware device if the device allows this. The JCE APIs allow you to generate key pairs and then at the discretion of the application also store them in a keystore file. Also, some hardware devices ship applications that allow users to generate keys. This provider contains a keystore of type PKCS11IMPLKS (see Keystores for IBMPKCS11Impl for more information about this keystore).