Key repository archive format
The key repository archive produced by the keybackup command is a gzip tarball (tar.gz) file.
The tar.gz file contains the key repository files, which are encrypted and protected by the password specified when keybackup was run.
From 9.4.0 onwards, backups created include a small meta data file and a PKCS#12 key repository:
- info
- key.p12
Backups taken on earlier versions (or from queue manager that have not been started since an
upgrade to 9.4.0) include a small meta data file and the three files that make up a CMS repository:
- info
- key.kdb
- key.rdb
- key.crl
The info meta data file contains the following information:
- BackupVersion
- This field specifies 1 for a CMS backup and 2 for a PCKS#12 backup.
- FirmwareVersion
- Indicates the version of the firmware used to create the backup.
Note: The info meta data file only exists where the backup was produced by
versions 9.4.0, 9.3.0.20LTS, or 9.3.4CD. Otherwise the keyrestore command assumes
that the archive contains CMS keystore files.