Installation Instructions for IBM HTTP Server running IKEYMAN GUI

Apr 20, 2023

Installation Instructions for IBM HTTP Server running IKEYMAN GUI

Step 1: Install  Intermediate CA Certificate

  1. Start the key management utility (iKeyman):
    On Windows:  Go to the start UI and select  Start Key Management Utility
    On AIX, Linux or Solaris : Type  ikeyman  on the command line
  2. Open the key database file that was used to create the certificate request.
  3. Enter the password, then click  OK.
  4. Click on the "down arrow" to the right, to display a list of three choices.
  5. Select  Signer Certificates , then click  Add .
  6. Click  Data Type  and select a data type, such as Base64-encoded ASCII data.
    NOTE:  This data type must match the data type of the importing certificate.
  7. Enter a file name and location for  intermediate.cer  digital certificate or click  Browse  to select a file name and location.
  8. Click  OK.
  9. Enter a label for importing certificate, for example:  Intermediate CA
  10. Click  OK .
  11. The Signer Certificates field displays the label of the signer certificate you added.

Step 2: Install the SSL Certificate

  1. Open the .kdb file using the iKeyman utility: 
On Windows: Go to the start UI and select Start Key Management Utility
On AIX, Linux or Solaris: Type ikeyman on the command line
  1. In the middle of the iKeyman GUI you will see a section called  Key database content
  2. Click on the "down arrow" to the right, to display a list of three choices
  3. Select  Personal Certificates
  4. From the  Personal Certificates  section, click  Receive



  5. Data Type - leave the default of " Base64-encoded ASCII data "

     

  6. Browse to the directory that contains the .cert or .arm file
  7. Highlight the file and click  Open .
  8. Now click  OK  on this dialog box

Step 3: Transfer Certificate
  1. To extract an SSL certificate from a key database file and store it in a CA key ring file, start the iKeyman graphical user interface
  2. Run following command:
On Windows: strmqikm
On UNIX: gsk7ikm
  1. Choose  Open  from the  Key Database File  menu. Click  Key database type , and select  CMS .
  2. Click  Browse  to navigate to the directory containing the key database files
  3. Select the key database file to which you want to add the certificate. For example, key.kdb.
  4. Click  Open
  5. In the Password Prompt window, type the password you set when you created the key database and then click  OK .
  6. Select  Signer Certificates  in the Key database content field, and then select the certificate you want to extract.
  7. Click  Extract .
  8. Select the  Data type  of the certificate. For example,  Base64-encoded ASCII
  9. Click  Browse  to select the name and location of the certificate file name.
  10. Click  OK.  The certificate is written in the file you specified.

Have any Questions

Call HTTPS

If you have any questions, feel free to call us