Loading and setting auxiliary storage pool master key
You can set the auxiliary storage pool (ASP) master key as you would any other master key, by first loading key parts and then setting the ASP master key. The ASP master key is used for protecting data in the independent auxiliary storage pool (known as an independent disk pool in the graphical interface).
To set the ASP master key, you must first load master key parts and then set the ASP master key. You can load as many master key parts as you want for the ASP master key. By setting the save/restore master key, the new ASP master key version moves to the current ASP master key version.
To load the ASP master key from the IBM Navigator for i interface, follow these steps:
- Select Security from your IBM Navigator for i window.
- Select Cryptographic Services Key Management.
- Select Manage Master Keys.
- Select the ASP master key.
- Select Load Part from the Select Actions menu.
- Use the Load Part dialog to specify the passphrase.
You can also use the Add Master Key Part (ADDMSTPART) CL command to load a key part for the ASP master key.
Or, if you prefer to write your own application to load the ASP master key, you can do so by using the Load Master Key Part (OPM, QC3LDMKP; ILE, Qc3LoadMasterKeyPart) API.
You can also use the Set Master Key (SETMSTKEY) CL command to set the ASP master key that has parts already added.
Or, if you prefer to write your own application to set the ASP master key, you can do so by using the Set Master Key (QC3SETMK; Qc3SetMasterKey) API.