Setting up an SSL-protected network
To set up SSL connections between your clients and servers, you need a trusted signer certificate and a server certificate that is signed by the trusted signer. Use the nc_gskcmd command-line utility or the IBM® Key Management (iKeyman) graphical tool to manage these keys and digital certificates.
About this task
Both utilities use a Certificate Management System (CMS) key database to store digital certificates and keys. The key database needs a password to protect private keys, which are used to sign documents and to decrypt messages that are encrypted with public keys.
In a key database, digital certificates from CAs are stored as signer certificates. Any self-signed certificates that are created, or any server certificates that are received from issuing CAs in response to a certificate request, are stored as personal certificates.