Importing a key by using the graphical user interface

You can import symmetric and private keys into an IBM® Security Guardium® Key Lifecycle Manager server to enable data transfer between this server and the server from where the keys were exported. The keys to be imported must be stored in an encrypted keystore file.

Before you begin

Copy the keystore file into the default SKLM_DATA directory path on the IBM Security Guardium Key Lifecycle Manager server where you want to import it. For example, C:\Program Files\IBM\WebSphere\Liberty\products\sklm\data. For the definition of SKLM_DATA, see Definitions for HOME and other directory variables.

Procedure

  1. Go to the appropriate page or directory.
    1. Log on to the graphical user interface.
    2. On the Welcome page, click Administration > Export and Import > Import Keys.
  2. Import a key from a keystore file.
    You can import one key at a time.
    1. Select the key type.
    2. Click Browse to select the keystore file to be imported.
    3. For symmetric key type: Select the certificate to be used to decrypt the keys in the keystore file.
      Ensure that it is the same certificate that was used when you exported the key.
    4. For private keys: Specify the password to be used to decrypt the keys in the keystore file.
      Ensure that it is the same password that was used when you exported the keys.
    5. Specify the key alias for the key to be imported.
    6. Optional: To rename the alias of the key that is imported, specify a new alias name.
      You can rename the alias if the current key alias is already in use or if you want to change it.
    7. Select the device group in which the imported key is to be used.
    8. Click Import.
  3. To import multiple keys, repeat Step 2 for each key.