You can use the graphical user interface or REST interface to copy a certificate between
IBM® Security Guardium® Key Lifecycle Manager servers with both the public and
private key.
Procedure
-
Using the graphical user interface
-
On the IBM Security Guardium Key Lifecycle Manager server where the
certificate is located, export the key.
-
Copy the myprivatekeys file to the destination IBM Security Guardium Key Lifecycle Manager server.
-
Import the key on the IBM Security Guardium Key Lifecycle Manager server
where you want to copy the certificate.
-
Using the REST interface
-
On the IBM Security Guardium Key Lifecycle Manager server where the
certificate is located, run the Key Export REST Service.
PUT https://localhost:<port>/SKLM/rest/v1/keys/export
{"alias":"sklmCertificate","fileName":"myprivatekeys","type":"privatekey",
"password":"mypassword"}
-
Copy the myprivatekeys file to the destination IBM Security Guardium Key Lifecycle Manager server.
-
Run the Key Import REST Service.
Results
These steps copy both the private and public key to write and read tapes by using the
certificate.