Copying a certificate between IBM Security Guardium Key Lifecycle Manager servers

You can use the graphical user interface or REST interface to copy a certificate between IBM® Security Guardium® Key Lifecycle Manager servers with both the public and private key.

Procedure

  • Using the graphical user interface
    1. On the IBM Security Guardium Key Lifecycle Manager server where the certificate is located, export the key.
    2. Copy the myprivatekeys file to the destination IBM Security Guardium Key Lifecycle Manager server.
    3. Import the key on the IBM Security Guardium Key Lifecycle Manager server where you want to copy the certificate.
  • Using the REST interface
    1. On the IBM Security Guardium Key Lifecycle Manager server where the certificate is located, run the Key Export REST Service.
      PUT https://localhost:<port>/SKLM/rest/v1/keys/export
      {"alias":"sklmCertificate","fileName":"myprivatekeys","type":"privatekey",
      "password":"mypassword"}
    2. Copy the myprivatekeys file to the destination IBM Security Guardium Key Lifecycle Manager server.
    3. Run the Key Import REST Service.

Results

These steps copy both the private and public key to write and read tapes by using the certificate.