Keymgmt Create

Creates a credential store application (credstore.nsf) and uses it to store the document encryption key for Web authentication using the OAuth protocol.


This command creates the credential store application credstore.nsf in the directory data\IBM_CredStore on the Domino® server. Then Domino® checks the Domino® server ID file to ensure that the document encryption key specified by the Keymgmt command exists.

If the key exists, Domino® creates a document in the Credential Store database specifying the document encryption key name and fingerprint and whether the credential store application is only to be used on the same server, or within a cluster.

Restriction: In the current release, there can be only one credential store on a non-clustered server, or one per cluster if your organization uses clusters, and the credential store application name must be named credstore.nsf.
Tip: The command uses the abbreviation nek for "named encryption key," which is another term for the document encryption key.


 KEYMGMT CREATE nek nekname 
 KEYMGMT CREATE credstore nekname 


To create a document encryption key called credstorekey, to be used to secure a credential store, enter:

KEYMGMT CREATE nek credstorekey
To create the credential store using a document encryption key called credstorekey, enter:
KEYMGMT CREATE credstore credstorekey