Exporting a server certificate

You must export the IBM Security Key Lifecycle Manager SSL/KMIP server certificate to a file in an encoded format for use by the client device. The client device imports this certificate for secure communication with the server.

1. Log on to the graphical user interface.
2. On the Welcome page, click Configuration > SSL/KMIP > Launch Server Configuration Wizard.
3. To create a self-signed certificate, click Create SSL/KMIP Server Certificate. See the Creating a self-signed SSL/KMIP server certificate topic for more information.
4. Click Export SSL/KMIP Server Certificate.
5. On the Export Certificate dialog, select the server certificate from the Certificate name list.
6. Specify certificate name in the File name field.
7. The File location field displays the default <SKLM_DATA> directory path, where the certificate is exported, for example, C:\Program Files\IBM\WebSphere\AppServer\products\sklm\data. For the definition of <SKLM_DATA>, see Definitions for HOME and other directory variables. Click Browse to specify a location under <SKLM_DATA> directory.
8. Specify the certificate type, such as BASE64 or DER.
9. Click Export Certificate.

What to do next

You might go the next step to import the client device communication certificate for secure communication between IBM Security Key Lifecycle Manager server and the client device. Click the Go to Next Step link or select Import SSL/KMIP Server Certificate. See Importing a client communication certificate.