IBM Support

How to determine the signature algorithm used for the certificate on your Db2 server?

How To


Summary

The certificate is created with -sigalg option to specify the signature algorithm.

How to determine the signature algorithm used for the certificate on your Db2 server?

On the Db2 server, where GSKit has been installed, you can run the following commands on your KDB file.

Steps

1. cd to the location of your .kdb file(s). Generally, these can be found in /home/db2inst1/sqllib/security/keystore
2. Run  gsk8capicmd_64 -cert -list -db server.kdb -pw Passw0rd command to get the label for server.kdb.
Certificates found
* default, - personal, ! trusted, # secret key
-       myselfsigned
3. Run gsk8capicmd_64 -cert -details -label myselfsigned -db server.kdb -stashed command to get the Signature Algorithm which is SHA256WithRSASignature in this case.

Label : myselfsigned
Key Size : 2048
Version : X509 V3
Serial : 105832f66ff2654a
Issuer : CN=myhost.mycompany.com,OU=myOrganizationUnit,O=myOrganization,L=myLocation,ST=ON,C=CA
Subject : CN=myhost.mycompany.com,OU=myOrganizationUnit,O=myOrganization,L=myLocation,ST=ON,C=CA
Not Before : April 20, 2021 7:51:04 PM PDT
Not After : April 21, 2022 7:51:04 PM PDT
Public Key
    30 82 01 22 30 0D 06 09 2A 86 48 86 F7 0D 01 01
    01 05 00 03 82 01 0F 00 30 82 01 0A 02 82 01 01
    00 C6 50 0F EA E7 5C 93 BD 97 BD A6 A6 5B 34 D2
    17 88 E7 0D 8B 7B 20 D2 6A D6 34 E3 2E 1A E3 16
    0F 59 94 06 18 FD C6 95 74 53 5C 3D 1E 39 3D 70
    11 48 26 F7 49 CD A0 91 3E 54 0A 35 96 83 5C 64
    60 94 DD 10 6F D8 4D 54 00 0B 7E BA 77 5F 1C 29
    95 32 B8 AE CF 3E 94 B6 BC 10 2B DC AD 8D 22 A0
    D2 10 E8 14 E5 68 42 84 50 71 D8 B4 32 19 DC DC
    FF 72 EA 1A 13 EB E1 12 AC 14 70 0F 48 84 E3 E3
    78 8F B8 39 97 B1 F5 D6 C0 ED 30 E9 34 84 66 49
    3A FA CE C5 81 2A 5B 0B CA 22 1C 48 DF 01 17 1C
    B8 24 80 37 9A 55 E2 90 2A 4F E5 F5 07 66 E7 C8
    93 C2 44 06 2D D4 73 12 A7 75 8B 24 46 A1 42 51
    E5 AD E6 DB 87 09 10 93 1C E5 55 FE CD A5 41 B2
    0B 6D E4 DE 91 76 F1 7D 29 7F 7F 71 AA B4 C7 AC
    B2 F4 3C 0B 75 73 6C E0 2F BA F3 E4 0D 1A D5 93
    83 D5 E1 EE 17 3A C3 D3 2D 38 75 62 22 F8 D6 C9
    49 02 03 01 00 01
Public Key Type : RSA (1.2.840.113549.1.1.1)
Fingerprint : SHA1 :
    AA 2D CE 8A 89 02 81 46 FE 27 51 AA B0 E6 23 A6
    54 3A DE 30
Fingerprint : MD5 :
    F0 68 79 C4 94 C0 6C B7 CD B3 4C E9 EA 40 AC 30
Fingerprint : SHA256 :
    96 8D 96 EA 03 D4 35 54 0C 53 4B 7F 5A 36 D2 93
    67 E3 2B 02 AD 7B 7B 86 77 16 2B 46 6C 32 BF 7F
Fingerprint : HPKP :
    uaumtyvWt9yIXYO7X+pEeo/wWTOGDOQya4klXROmHUY=
Extensions
    SubjectKeyIdentifier
      keyIdentifier:
    99 F6 C7 17 92 8F CD 21 A2 EE FA DD F5 6E 12 34
    D9 09 D3 F5
    AuthorityKeyIdentifier
      keyIdentifier:
    99 F6 C7 17 92 8F CD 21 A2 EE FA DD F5 6E 12 34
    D9 09 D3 F5
      authorityIdentifier:
      authorityCertSerialNumber:
Signature Algorithm : SHA256WithRSASignature (1.2.840.113549.1.1.11)
Value
    BB EF 60 C2 72 F5 73 09 59 B8 FF 7C B3 8C F0 03
    95 FD 2A 7C 4F DF D1 7B A3 CA CE 37 99 14 97 35
    58 39 79 52 57 3E 22 B2 89 31 4C B9 E2 56 8D 93
    BA 62 57 7B 01 63 69 5A 09 30 9F 2C 39 9D 75 68
    52 E7 AF 9B 39 B6 1C C8 E2 17 82 1E 8F 82 04 09
    37 41 E0 C8 9E C7 D8 43 95 7E CD 9F E0 A1 D2 A5
    9C B8 83 6D 88 FF 7B D4 09 06 AF 30 22 D0 26 87
    9B DE 94 C4 9D 0D 4E D1 4F 84 5B 52 8E 78 AA 32
    20 DA 66 50 A6 FD 87 BC E2 55 34 30 25 89 CC 6A
    ED BD F9 E7 3B F4 59 D4 B4 2A F8 49 82 F9 79 FB
    41 82 22 B1 E4 44 8A D5 84 E0 CB F7 3A DD E6 72
    3D 9B F5 A9 92 D6 3D 2E 32 23 ED C3 EE 27 25 84
    31 F9 3A 0D C4 C0 FE 71 63 6F E5 74 0A E2 8D C2
    66 42 37 9B B9 C6 91 F1 A4 39 F3 40 16 66 DC D8
    FC C3 50 F6 EA 1F 72 32 E8 1A 37 A7 49 D1 46 C6
    C3 B7 13 19 B8 EE C5 41 D7 B8 68 A3 04 4C AB 03
Trust Status : Enabled

Document Location

Worldwide

[{"Type":"SW","Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"ARM Category":[{"code":"a8m500000008PkuAAE","label":"Security and Plug-Ins"}],"ARM Case Number":"TS005695750","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"}],"Version":"All Version(s)"}]

Document Information

Modified date:
19 July 2021

UID

ibm16454791