InfoCenter Home >
5: Securing applications -- special topics >
5.5: Tools for managing keys >
5.5.6: Tools for managing certificates and keys >
5.5.6.2: The IBM Key Management tool >
5.5.6.2.4: Adding a CA certificate to aclient's keyring class

5.5.6.2.4: Adding a CA certificate to a client's keyring class

To allow a client to authenticate to a server, the client needs a copy of the certificate of the server's CA. To add a CA certificate to a client's key database class, complete the following steps:

  1. Start the IBM Key Management tool. This displays the IBM Key Management window.
    java -Dkeyman.javaOnly=true com.ibm.gsk.ikeyman.Ikeyman
    

  2. Open the client's key database file by selecting Key Database File --> Open from the menu bar.
  3. Enter the name and location of the keyring file at the prompt.
  4. Click the OK button to continue.
  5. Click on the certificate types pull-down list beneath Key Database Context, and select Signer Certificates.
  6. Click the Add button.
  7. The Add CA's Certificate from a File dialog window is displayed. Enter the name of the file containing the certificate.
  8. Click the OK button to continue.
  9. Close the IBM Key Management window to exit iKeyman.

You also need to make the keyring class available to Java clients by setting the apppropriate properties.

Go to previous article: Placing a signed digital certificate into a keyring Go to next article: Making keyrings accessible

 

 
Go to previous article: Placing a signed digital certificate into a keyring Go to next article: Making keyrings accessible