Configure IBM Db2

Perform the following steps to import the PKCS #12 file into a local keystore:

On the server where IBM Db2 is installed, create a working directory in the C: drive for the TLS certificates (such as C:\Certs).

Copy the ca-chain.pem file into the folder.

Open Command Prompt or PowerShell.

Run the following command to create a local keystore:

Shell

"C:\Program Files\IBM\gsk8\bin\gsk8capicmd_64" -keydb -create -db C:\Certs\clientkeydb.p12 -pw safest -type pkcs12 -stash

Run the following command to import the CA certificate bundle into the local keystore:

Shell

"C:\Program Files\IBM\gsk8\bin\gsk8capicmd_64" -cert -add -db C:\Certs\clientkeydb.p12 -stashed -label Root -file C:\Certs\ca-chain.pem

Run the following command to import the PKCS #12 file containing the IBM Db2 client certificate and private key:

Shell

"C:\Program Files\IBM\gsk8\bin\gsk8capicmd_64" -cert -import -db C:\Certs\clientkeydb.p12 -stashed -file C:\Certs\pki.p12 -type pkcs12

Deploy new client endpoint on the CryptoHub

Enable and test encryption in IBM Db2

⌘I

Service guides

Certificate Authority

Certificate management

Certificate validation

Cloud key management

Code signing

Credential management

Data protection

Data storage

Database

Digital signing

DNS

Endpoint management

Firewall

Generic

IT automation and orchestration

Key management

Privileged access management

Secrets management

SSH

TLS offloading

Virtualization

VPN

Service guides

Certificate Authority

Certificate management

Certificate validation

Cloud key management

Code signing

Credential management

Data protection

Data storage

Database

Digital signing

DNS

Endpoint management

Firewall

Generic

IT automation and orchestration

Key management

Privileged access management

Secrets management

SSH

TLS offloading

Virtualization

VPN

Documentation Index