| Where allowed to run: All environments (*ALL) Threadsafe: Yes |
Parameters Examples Error messages |
The Check Master KVV (CHKMSTKVV) command returns the key verification value (KVV) for the specified master key in informational message CPI9ED3.
For more information on master keys, refer to the Cryptographic services key management section of the Security category in the IBM Systems Information Center at http://www.ibm.com/systems/infocenter/.
Note: If the KVV value returned for the Save/Restore Master Key is hexadecimal '16C1D3E3C073E77DB28F33E81EC165313318CE54', the key is set to its default value. The default value is not a secure setting for saving the master keys. Master keys can be saved by running the Save System (SAVSYS) command. To properly secure your master keys on the next SAVSYS operation, load and set the Save/Restore Master Key using the Add Master Key Part (ADDMSTPART) and Set Master Key (SETMSTKEY) CL commands, or by using the Qc3LoadMasterKeyPart and Qc3SetMasterKey APIs, or by using the Cryptographic Services Key Management interface in System i Navigator.
Restrictions:
None
| Top |
| Keyword | Description | Choices | Notes |
|---|---|---|---|
| MSTKEY | Master key | 1-8, *ASP, *SAVRST | Required, Positional 1 |
| VERSION | Master key version | *NEW, *CURRENT, *OLD, *PENDING | Required, Positional 2 |
| Top |
Specifies the master key on which to perform the action.
This is a required parameter.
The action will be performed on:
| Top |
Specifies the version of the master key whose key verification value will be returned in informational message CPI9ED3.
This is a required parameter.
| Top |
CHKMSTKVV MSTKEY(*ASP) VERSION(*CURRENT)
This command checks whether there is a current version of the auxiliary storage pool (ASP) master key. If a current version exists, informational message CPI9E93 is sent with the version's KVV as a replacement data value.
| Top |
*ESCAPE Messages
| Top |