Menu
picture of tbs certificates
picture of tbs certificates
Certificates
Our products range
Partners
Support
Focus


Generate a CSR for IBM HTTP

To use a certificate with IBM HTTP, you need to create a key database using the tool gkcapicmd.

Using gskcmd

The first step is to locate gkcapicmd binaries. By default you can find them in the bin directory from the install directory. The binaries are called gskcmd.bat on Windows and gskcmd on other platforms.

You can also use the gskcapicmd tool to run the majority of the same tasks. This tool purpose is to handle cryptographic supports like PKCS#11. The directory is the same. Binaries are named gskcapicmd.bat on Windows, and gskcapicmd on other platforms.

Creating the key database

IBM HTTP requires a stash file to store the password. The following command allows you to generate your key database, and its stash file. The files are created in the current directory unless you specify a path.

install_dir/bin/gskcmd -keydb -create -db yourDatabase.kbd -pw   yourPassword -stash yourDatabase.sth

Creating the private key and the CSR

You can now generate the private key and the CSR:

install_dir/bin/gskcmd -certreq -create -db yourDatabase.kbd   -stashed -stash yourDatabase.sth -label RequestLabel -dn "CN=www.domain.tld, O=YOUR ORGANIZATION, ,L=CITY, ST=State or Province, C=GB" -size 2048 -sigAlg   sha256 -file myRequest.csr

Your CSR is now available, you can order your certificate.

See also