Directory Services 7.3.5

PKCS#11 Trust Manager Provider

The PKCS#11 Trust Manager Provider enables the server to manage trust information through the PKCS11 interface

This standard interface is used by cryptographic accelerators and hardware security modules.

Parent

The PKCS#11 Trust Manager Provider object inherits from Trust Manager Provider.

PKCS#11 Trust Manager Provider properties

You can use configuration expressions to set property values at startup time. For details, see Property value substitution.

Basic Properties Advanced Properties

enabled
trust-store-pin
trust-store-type

java-class

Basic properties

Use the --advanced option to access advanced properties.

enabled

Synopsis

Indicate whether the Trust Manager Provider is enabled for use.

Default value

None

Allowed values

true

false

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

trust-store-pin

Synopsis

Specifies the clear-text PIN needed to access the PKCS#11 Trust Manager Provider .

Default value

None

Allowed values

A string.

Multi-valued

No

Required

No

Admin action required

None

Changes to this property will take effect the next time that the PKCS#11 Trust Manager Provider is accessed.

Advanced

No

Read-only

No

trust-store-type

Synopsis

Specifies the type of PKCS#11 trust manager, when the specific name must be explicit.

Description

  1. If no type is specified, the default value of "PKCS11" will be used.

Default value

PKCS11

Allowed values

Any PKCS#11 key store format supported by this Java runtime environment.

Multi-valued

No

Required

No

Admin action required

Restart the server for changes to take effect.

Advanced

No

Read-only

No

Advanced properties

Use the --advanced option to access advanced properties.

java-class

Synopsis

The fully-qualified name of the Java class that provides the PKCS#11 Trust Manager Provider implementation.

Default value

org.opends.server.extensions.Pkcs11TrustManagerProvider

Allowed values

A Java class that extends or implements:

  • org.opends.server.api.TrustManagerProvider

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

Yes

Read-only

No

Copyright © 2010-2024 ForgeRock, all rights reserved.