This topic provides detailed information on tasks that
you can perform using the IBM® Key Management utility (IKEYMAN).
This information does not explain how to configure security options
that require updates to the server configuration file.
About this task
The IKEYMAN user interface is based on the Java platform
and uses the Java support that is installed with IBM HTTP Server.
IBM HTTP Server installs a Java Virtual Machine (JVM) for IKEYMAN.
Do not use IKEYMAN with a JVM that was not installed by IBM HTTP Server,
because this is not supported.
In IBM HTTP Server 7.0, two different
versions of IKEYMAN are provided.. The native Tivoli Global Security
Kit (GSKit) that is bundled with IBM HTTP Server 7.0 contains IKEYMAN
Version 7, but the JVM that is bundled with IBM HTTP Server includes
IKEYMAN Version 8.
IKEYMAN Version 8 is enabled by default and
is recommended on all platforms.
Supported configurations: Be aware
of the following version restrictions:
sptcfg
There are some key differences between Version
7 and Version 8 of IKEYMAN. Version 8 of IKEYMAN:
- Changes the PKCS11 (cryptographic hardware) interface from previous
releases. You must now create an external configuration file and make
updates to the /java/jre/lib/security/java.security file.
- Includes enhanced error reporting
- Does not add default signer certificates until you press the Populate
button.