Creating an SSL key database
Use the GSKCapiCmd tool to create your key database. Before using the tool, you must configure your environment; see the topic Configuring the environment to run GSKit for more information
To create the key database, run GSKit and enter the following
command:
gsk<ver>capicmd[_64] -keydb -create -populate -db <filename>.kdb -pw <password> -stash<ver> is the GSKit version number, <filename> is the name
you want to use for the key database file, and <password> is the password for
the key database.The -stash option creates a stash file at the same path as the key database,
with a file extension of .sth. GSKit uses the stash file to obtain the password
to the key database so that it doesn't have to be entered on the command line each time.
Note: You should use strong file system protection on the .sth file.