![[AIX, Linux, Windows]](ngalw.gif)
Managing keys and certificates on AIX, Linux, and Windows
On AIX®, Linux®, and Windows, use the
runmqakm and ![[MQ 9.4.0 Jun 2024]](ng940.gif)
![[MQ 9.4.0 Jun 2024]](ng940cd.gif)
runmqktool commands to
manage keys, certificates, and certificate requests.
About this task
Note: The runmqakm command provides the same functions as the GSKit
gskitcapicmd command. The
runmqktool command provides the same functions as the Java
keytool command.
The
runmqktool command provides the same functions as the Java
keytool command.Before using the runmqakm or runmqktool commands, ensure that the systems environment variables are correctly configured by running the setmqenv command.
The runmqktool command requires the IBM® MQ JRE component to be installed. If this component is not installed you can use the runmqakm command instead.
If you need to manage TLS certificates in a way that is FIPS compliant, use the runmqakm command. This is because the runmqakm command supports stronger encryption.
Procedure
Use the runmqakm and runmqktool commands to complete the
following actions:
- Create a CMS and PKCS #12 key repository that IBM MQ supports.
- Create certificate requests.
- Export certificates.
- Import personal certificates and CA certificates.
- Manage self-signed certificates.
- Create, extract, and add secret keys.