Creating HTTP server keys

The IBM® HTTP Server key file stores certificates used by the IBM HTTP Server.

To create IBM HTTP Server (IHS) keys using the IBM HTTP Server Key Management Utility:

  1. Stop the IBM HTTP Server if it is currently running. See Starting, stopping, and restarting CM Server.
  2. Start the IBM HTTP Server Key Management Utility tool:
    • On Windows®, click Start > Programs > IBM HTTP Server 6.1 > Start Key Management Utility.
    • On the UNIX® system, navigate to the directory /opt/IBM/RationalSDLC/common/IHS/bin (or /opt/ibm/RationalSDLC/common/IHS/bin on Linux®) and enter the command ./ikeyman.
  3. Ensure you have the location of the keystore file you created, such as C:\Program Files\IBM Rational\common\IHS\key.kdb, before performing this step. Click Key Database File > New, enter the following information, and click OK:
    • For Key Database Type, enter CMS key database file
    • For Location, on Windows, enter drive letter:\Program Files\IBM\RationalSDLC\Common\IHS\. On UNIX systems, enter /opt/IBM/RationalSDLC/common/IHS/. And on Linux , enter /opt/ibm/RationalSDLC/common/IHS/.
    You can launch our IBM Key Management program (ikeyman) on UNIX systems and on Linux like this:
    /opt/rational/common/IHS/bin/ikeyman
    The resulting ikey.kdb (key) and ikey.sth (stash) file reside within the /common/IHS/bin subdirectory.
  4. Enter key.kdb as the new keystore file name.
  5. At the password prompt, enter a password, and then confirm it. This password protects the key file you are creating.
    Note: You can optionally set a password expiration time in days. If you enter 365, a new password must be created after 365 days.
  6. Select Stash the password to a file. When you select this option, the HTTP Server is allowed access to the certificates contained in the keystore file by using the password.
  7. Click OK
  8. Restart the IBM HTTP Server. See Starting, stopping, and restarting CM Server.

Feedback