Administering certificates and keys

To administer certificates and keys, you might want to add, modify, or delete their associated node names. You can also add keys and a name that is associated with the keys.

About this task

Your role must have permissions to the view action and to the appropriate device group. Use the management page for GPFS to add, modify, or delete a certificate or key.

Before you begin, examine the columns on the page, which provides buttons to add, modify, or delete a table item.

The table is organized in these information areas:

  • In left columns, information about certificates indicates the certificate UUID, certificate name, and the endpoint count. The endpoint count is the number of endpoints that are using this certificate.
  • In right columns, information about keys indicates the key UUID and the key name that the certificates on the left have access to.

Procedure

  1. Log on to the graphical user interface.
    1. In the Key and Device Management section on Welcome page, select GPFS.
    2. Click Go to > Manage keys and devices.
    3. Alternatively, right-click GPFS and select Manage keys and devices.
  2. You can add, modify, or delete a key or certificate.

    You might do these administrative tasks:

    • Refresh the list.

      Click the refresh icon icon: Refresh to refresh items in the table.

    • Add

      Click Add.

      • Certificate

        On the Add Certificate dialog, type a name and the file name and location of a certificate. Then, click Add.

      • Key

        On the Add Key dialog, specify the information according to your requirements, such as the number of keys to create, up to a maximum of 100 keys. Then, click Add.

      A success indicator varies, showing the addition of a certificate or keys.

    • Modify

      To modify the device group that a certificate or key belongs to, select the certificate or key and then click Modify. Alternatively, right-click the selected certificate or key. Then, click Modify.

      • Certificate

        View read-only information in the Modify Certificate page. Your role must have permissions to the modify action and to the appropriate device group.

      • Key

        View read-only information in the Modify Key page. Your role must have permissions to the delete action and to the appropriate device group.

      A success indicator varies, showing a change in a column for the certificate or key.

    • Delete

      To delete a certificate or key, select the certificate or key, and then click Delete. Alternatively, right-click the selected certificate or key, and then click Delete.

      Metadata for the certificate that you delete is removed from the IBM® Security Guardium® Key Lifecycle Manager database. Key data is also removed. To confirm deletion, click OK. Your role must have permissions to the delete action and to the appropriate device group.

      A success indicator is deletion of the certificate from the able.