IBM WebSphere XS40 Command Reference Manual page 264

URL
password password
password-alias password-alias
Guidelines
Before using the password-alias keyword, you must use the password-map
command to 3DES-encrypt the shared secret key password and associate an alias
with the encrypted password. An attempt to reference an encrypted password not
found in the Password map results in command failure.
v In environments that utilize plaintext (unencrypted) passwords, the password
v In environments that utilize encrypted passwords, the password-alias argument is
Use the sskey command in conjunction with the certificate and idcred commands
to create an Identification Credentials that consists of a certificate, which contains a
public key, and the corresponding private key.
The no sskey command deletes only the alias for the stored shared secret key. The
file that contains the actual shared secret key remains on the appliance.
Related Commands
password-map
Examples
v Creates the alice alias for the SS2.pem shared secret key. The target key is
v Creates the alice alias the SS2.pem shared secret key. The target key is contained
238
Command Reference
Specifies a local URL that identifies the file that contains the private key.
v If the private key is stored in the private cryptographic area, the URL
takes the filename form.
v If the private key is stored in the public cryptographic area, the URL
takes the pubcert:///filename form.
Note: Do not store private key files in the public cryptographic area.
This area is intended for the storage of certificate files that are
publicly available.
Specifies the plaintext password required to access the shared secret key
file. Required when a shared secret key file is password-protected.
Specifies the alias for the encrypted password required to access the shared
secret key file. Required when a shared secret key file is
password-protected.
argument is used to open and read the shared secret key file.
searched for in the password map file and its associated encrypted password is
identified. The encrypted password in turn is then 3DES-decrypted (using the
locally generated host key) to yield the plaintext password used to open and
read the shared secret key file.
contained within the private cryptographic area.
# sskey alice SS2.pem
Creating key 'alice'
#
within the private cryptographic area, and is accessed with the oceanCity
plaintext password.
# sskey alice SS2.pem
password oceanCity
Creating key 'alice'
#