The iKeyman tool is used to implement certificates for
servers using Secure Sockets Layer (SSL). When iKeyman error messages are
not meaningful, the iKeyman trace log can be useful to collect data
necessary to debug problems.
If you have already contacted support, continue on to the
component-specific MustGather information. Otherwise, click: MustGather:
Read first for IBM HTTP Server.
Collecting iKeyman specific MustGather information
1. If you are using IBM HTTP Server version
6.0, set JAVA_HOME to <ihsinst>/_jvm.
If you are using IBM HTTP Server version 6.1, set JAVA_HOME to
<ihsinst>/java/jre.
If using an IBM HTTP Server release version earlier than 6.0, set
JAVA_HOME to any 32-bit IBM JRE 1.4.2/1.5 at the latest service level.
2. The following will set up iKeyman in
debugging mode:
- Open a command prompt window in a new, empty directory and CD into
that directory.
- Run the following iKeyman command from the new, empty directory:
gsk7ikm -Dkeyman.debug=true
-Dkeyman.jnitracing=ON -Djava.security.debug=ALL 2>ikeyman.txt
NOTE: When using GSK5 use the command gsk5ikm in place of
gsk7ikm.
3. Recreate the problem in the iKeyman tool.
4. Collect all of the files created in the new directory where you ran
the iKeyman command. The files should include ones such as:
- ikmcdbg.log
- ikmgdbg.log
- ikmjdbg.log
- ikeyman.txt
- jnitrace.*
5. Follow instructions to send
diagnostic information to IBM support.
For a listing of all technotes, downloads, and educational materials
specific to iKeyman, search the IBM
HTTP Server support site or the WebSphere
Application Server support site. |