Store the certificate private key directly on the coprocessor

For extra security to protect access to and use of a certificate's private key, you can choose to store the key directly on an IBM® Cryptographic Coprocessor. You can select this key storage option as part of creating or renewing a certificate in Digital Certificate Manager (DCM).

Follow these steps from the Select a Key Storage Location page to store the certificate's private key directly on the coprocessor:

  1. Select Hardware as your storage option.
  2. Click Continue. This displays the Select a Cryptographic Device Description page.
  3. From the list of devices, select the one that you want to use for storing the certificate's private key.
  4. Click Continue. DCM continues to display pages for the task that you are completing, such as identifying information for the certificate that you are creating or renewing.
Parent topic: Store certificate keys on an IBM Cryptographic Coprocessor