Manualshelf

Quick Reference Guide

ManualsBrandsDell ManualsSoftwareDell Encryption Key Manager Version 3.1
41424344454647484950
where <
EKM_ 2.X_ keystore_name
> is the name of the EKM 2.X keystore you are importing.
For example:
keytool -list -keystore
EKMKeys.jck
-storetype JCEKS
The system prompts you for a password.
4. Enter the EKM 2.X keystore password and press Enter.
The EKM 2.X keystore type, the ekmcert certificate, the keystore provider, and the keys in the EKM 2.X keystore are
displayed. You will use the list of keys to compare against the EKM 3.0 keystore to verify that these keys are not in
the EKM 3.0 keystore.
NOTE: Keep the command prompt open. In a later step, you will search for these keys and/or the ekmcert
certificate in the EKM 3.0 keystore to verify that they have been removed from EKM 3.0.
5. Start the EKM 3.0 server using the startserver command. Refer to Starting and Stopping the EKM 3.0 Server in
Windows or Starting and Stopping the EKM 3.0 Server in Linux.
6.
In a Windows command prompt
, navigate to <
root
>:\Dell\EKM\bin.
In Linux
, navigate to /opt/dell/ekm/bin.
7. Log onto the WebSphere server using the wsadmin command. Refer to Logging onto the WebSphere Server.
8. At the wsadmin prompt, using the key alias obtained earlier, issue one of the following commands to list a specific
key or certificate on the EKM 3.0 server:
For keys:
print AdminTask.tklmKeyList('[-alias <key alias>]')
For the ekmcert certificate:
print AdminTask.tklmKeyList('[-alias ekmcert]')
NOTE: You obtained the key aliases in a previous step. In Windows, you can copy the aliases using the toolbar
on the command prompt window.
NOTE: If you want to visually compare the key aliases, you can list all of the keys on the EKM 3.0 server by
issuing the following command:
print AdminTask.tklmKeyList('[-alias]')
9. Press Enter.
The command runs.
If the duplicate key is not on EKM 3.0, the following text displays:
Found 0 keys.
If the key or certificate is on EKM 3.0, the UUID and the key or certificate alias display.
If the key or certificate is on EKM 3.0, delete the key or certificate from EKM 3.0. Refer to Deleting a Specific Key.
Repeat this step for each duplicate key that was listed previously.
41