Administering generic KMIP clients and cryptographic objects

To administer generic KMIP clients and their cryptographic objects, you need to add symmetric keys, key pairs, and assign a certificate to the generic KMIP client.

About this task

When you are administering a generic KMIP client, you can specify any of the following certificates to be used for communication:
  • An existing client certificate that is not in use by another generic KMIP client.
  • A pending client certificate.
  • A stored client certificate that can be imported.

You can add users to the generic KMIP client to run the key management operations. These users must exist in WebSphere Application Server Liberty with the klmUser role.

Procedure

  1. Log in to the IBM Guardium Key Lifecycle Manager graphical user interface.
  2. Create the generic KMIP client. For more information, see Creating a generic KMIP client.
  3. On the generic KMIP client management page, modify the client properties and add cryptographic objects such as symmetric keys, key pairs, and assign a certificate to the generic KMIP client.