Create a Sample Key Database File on z/OS|CLIv2| Teradata Vantage - Create a Sample Key Database File on z/OS - Call-Level Interface Version 2

Teradata® Call-Level Interface Version 2 Reference for Workstation-Attached Systems - 20.00

Deployment
VantageCloud
VantageCore
Edition
Enterprise
IntelliFlex
Lake
VMware
Product
Call-Level Interface Version 2
Release Number
20.00
Published
January 2024
Language
English (United States)
Last Update
2024-05-14
dita:mapPath
bmn1691484839905.ditamap
dita:ditavalPath
obe1474387269547.ditaval
dita:id
fvz1470444150352
Product Category
Teradata Tools and Utilities

The following example shows how to create a sample key database file (‘sample.kdb’) and a password stash file (‘sample.sth’) and import a root CA certificate file (‘root_ca.pem’).

MVSJ:/home/myuserid/certs>
$ ls -l
-rw-r--r--   1 myuserid  mygroup       2021 Sep 10 10:16 root_ca.pem
MVSJ:/home/myuserid/certs>
$ gskkyman

       Database Menu

   1  - Create new database
   1b - Create new empty database
   2  - Open database
   3  - Change database password
   4  - Change database record length
   5  - Delete database
   6  - Create key parameter file
   7  - Display certificate file (Binary or Base64 ASN.1 DER)

  11  - Create new token
  12  - Delete token
  13  - Manage token
  14  - Manage token from list of tokens

   0  - Exit program

Enter option number: 1 <enter>
Enter key database name (press ENTER to return to menu): sample.kdb <enter>
Enter database password (press ENTER to return to menu): <password> <enter>
Re-enter database password: <same password> <enter>
Enter password expiration in days (press ENTER for no expiration): <enter>
Enter database record length (press ENTER to use 5000): <enter>

Enter 1 for FIPS mode database or 0 to continue: 0 <enter>

Key database /home/myuserid/certs/sample.kdb created.

Press ENTER to continue.


       Key Management Menu

       Database: /home/myuserid/certs/sample.kdb
       Expiration: None
       Type: non-FIPS

   1 - Manage keys and certificates
   2 - Manage certificates
   3 - Manage certificate requests
   4 - Create new certificate request
   5 - Receive requested certificate or a renewal certificate
   6 - Create a self-signed certificate
   7 - Import a certificate
   8 - Import a certificate and a private key
   9 - Show the default key
  10 - Store database password
  11 - Show database record length

   0 - Exit program

Enter option number (press ENTER to return to previous menu): 7 <enter>
Enter import file name (press ENTER to return to menu): root_ca.pem <enter>
Enter label (press ENTER to return to menu): Root CA <enter>

Certificate imported.

Press ENTER to continue.


       Key Management Menu

       Database: /home/myuserid/certs/sample.kdb
       Expiration: None
       Type: non-FIPS

   1 - Manage keys and certificates
   2 - Manage certificates
   3 - Manage certificate requests
   4 - Create new certificate request
   5 - Receive requested certificate or a renewal certificate
   6 - Create a self-signed certificate
   7 - Import a certificate
   8 - Import a certificate and a private key
   9 - Show the default key
  10 - Store database password
  11 - Show database record length

   0 - Exit program


Enter option number (press ENTER to return to previous menu): 10 <enter>

Database password stored in /home/myuserid/certs/sample.sth.

Press ENTER to continue. <enter>


       Key Management Menu

       Database: /home/myuserid/certs/sample.kdb
       Expiration: None
       Type: non-FIPS

   1 - Manage keys and certificates
   2 - Manage certificates
   3 - Manage certificate requests
   4 - Create new certificate request
   5 - Receive requested certificate or a renewal certificate
   6 - Create a self-signed certificate
   7 - Import a certificate
   8 - Import a certificate and a private key
   9 - Show the default key
  10 - Store database password
  11 - Show database record length

   0 - Exit program

Enter option number (press ENTER to return to previous menu): 0 <enter>
MVSJ:/home/hs186016/certs>
$ ls -l
total 136
-rw-r--r--   1 myuserid  mygroup       2021 Sep 10 10:16 root_ca.pem
-rw-------   1 myuserid  mygroup      50080 Sep 10 10:17 sample.kdb
-rw-------   1 myuserid  mygroup         80 Sep 10 10:17 sample.rdb
-rw-------   1 myuserid  mygroup        129 Sep 10 10:17 sample.sth