As a first activity, you might create a TLS/KMIP server certificate for use with IBM® Security Guardium® Key Lifecycle Manager.
Procedure
-
Log on to the graphical user interface.
-
Click the Review the configuration parameters and/or create a TLS server
certificate link.
Immediately after you install IBM Security Guardium Key Lifecycle Manager, the
Review the configuration parameters and/or create a TLS server certificate
link is the only available option to configure IBM Security Guardium Key Lifecycle Manager for TLS handshake with the client devices. This
link is not visible if you previously created a TLS server certificate.
-
Alternatively, on the Welcome page, click
.
-
Click Create TLS/KMIP Server Certificate.
-
On the Add TLS/KMIP Certificate dialog, select Create
self-signed certificate.
-
Specify values for the parameters according to your requirements.
-
Click Create Certificate.
What to do next
You might need to export the IBM Security Guardium Key Lifecycle Manager
TLS/KMIP server certificate that you created to a file in an encoded format for use by the client
device. Click the Export Certificate link or click the Export
TLS/KMIP Server Certificate tab. You can also export an existing TLS/KMIP server
certificate by selecting Use an existing certificate. See Exporting a server certificate.