If you want to play with certificates stored in DCM keystrores (DEFAULT.KDB) then best thing you can use it is ikeyman program from ibm java SDK. This is a tutorial on how to get the java SDK working on Ubuntu.
From IBM support page https://www.ibm.com/support/pages/java-sdk-downloads-version-80
download Installable package (File name: ibm-java-x86_64-sdk-8.0-8.15.bin, Size: 162MB) first.
If you don't have java in Ubuntu, start installing it :
sudo apt install javaMake downloaded *.bin package executable
sudo chmod a+x ibm-java-x86_64-sdk-8.0-8.15.binInstall *.bin package
sudo ./ibm-java-x86_64-sdk-8.0-8.15.binPackage should be installed in this directory /opt/ibm/java-x86_64_80
To be able to open DEFAULT.KDB you need to edit the configuration file /opt/ibm/java-x86_64-80/jre/lib/security/java.security
adding line
security.provider.11=com.ibm.security.cmskeystore.CMSProvider
If you are in bin directory you can run IBM Key Management program directly
./keymanOr you can create desktop shortcut (and then use Run as program)
ln -s /opt/ibm/java-x86_64-80/jre/bin/ikeyman ikeyman
