Configure IBM Db2 - Futurex Documentation

Perform the following steps to import the PKCS #12 file into a local keystore:

On the server where IBM Db2 is installed, create a working directory in the C: drive for the TLS certificates (such as C:\Certs).

Copy the ca-chain.pem file into the folder.

Open Command Prompt or PowerShell.

Run the following command to create a local keystore:

Shell

"C:\Program Files\IBM\gsk8\bin\gsk8capicmd_64" -keydb -create -db C:\Certs\clientkeydb.p12 -pw safest -type pkcs12 -stash

Run the following command to import the CA certificate bundle into the local keystore:

Shell

"C:\Program Files\IBM\gsk8\bin\gsk8capicmd_64" -cert -add -db C:\Certs\clientkeydb.p12 -stashed -label Root -file C:\Certs\ca-chain.pem

Run the following command to import the PKCS #12 file containing the IBM Db2 client certificate and private key:

Shell

"C:\Program Files\IBM\gsk8\bin\gsk8capicmd_64" -cert -import -db C:\Certs\clientkeydb.p12 -stashed -file C:\Certs\pki.p12 -type pkcs12

⌘I