Question & Answer
Question
Db2 10.5でネイティブ暗号化を利用してデータベースを以下の手順で作成したところ、マスター鍵の有効期限が10 年になっていました。 マスター鍵の有効期限を 10 年に設定している理由を教えてください。
$ gsk8capicmd_64 -keydb -create -db /work/keydb.p12 -pw password -type pkcs12 -stash
$ db2 update dbm cfg using keystore_type pkcs12 keystore_location /work/keydb.p12
$ db2 create db DBNAME encrypt
$ gsk8capicmd_64 -cert -list -db /work/keydb.p12 -pw password -expiry 2700
Certificates found
* default, - personal, ! trusted, # secret key
# DB2_SYSGEN_e105q7a_DBNAME_2017-04-21-15.59.50
Not After : April 19, 2027 3:59:51 PM GMT+09:00
$ date Fri Apr 21 16:04:01 JST 2017
[{"Type":"MASTER","Line of Business":{"code":"LOB10","label":"Data and AI"},"Business Unit":{"code":"BU058","label":"IBM Infrastructure w\/TPS"},"Product":{"code":"SSEPGG","label":"Db2 for Linux, UNIX and Windows"},"ARM Category":[{"code":"a8m500000008PmnAAE","label":"Security and Plug-Ins-\u003EEncryption"}],"ARM Case Number":"","Platform":[{"code":"PF002","label":"AIX"},{"code":"PF010","label":"HP-UX"},{"code":"PF016","label":"Linux"},{"code":"PF027","label":"Solaris"},{"code":"PF033","label":"Windows"}],"Version":"10.5.0;11.1.0;11.5.0"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Was this topic helpful?
Document Information
Modified date:
30 April 2025
UID
swg22002371