Directory Services 7.4.2

File Based Key Manager Provider

The File Based Key Manager Provider can be used to obtain the server certificate from a key store file on the local file system.

Multiple file formats may be supported, depending on the providers supported by the underlying Java runtime environment.

Parent

The File Based Key Manager Provider object inherits from Key Manager Provider.

File Based Key Manager Provider properties

You can use configuration expressions to set property values at startup time. For details, see Property value substitution.

Basic Properties Advanced Properties

enabled
key-store-file
key-store-pin
key-store-type

java-class

Basic properties

Use the --advanced option to access advanced properties.

enabled

Synopsis

Indicates whether the Key Manager Provider is enabled for use.

Default value

None

Allowed values

true

false

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

key-store-file

Synopsis

Specifies the path to the file that contains the private key information. This may be an absolute path, or a path that is relative to the OpenDJ instance root.

Description

Changes to this property will take effect the next time that the key manager is accessed.

Default value

None

Allowed values

A path to an existing file that is readable by the server.

Multi-valued

No

Required

Yes

Admin action required

None

Advanced

No

Read-only

No

key-store-pin

Synopsis

Specifies the clear-text PIN needed to access the File Based Key Manager Provider .

Default value

None

Allowed values

A string.

Multi-valued

No

Required

No

Admin action required

None

Changes to this property will take effect the next time that the File Based Key Manager Provider is accessed.

Advanced

No

Read-only

No

key-store-type

Synopsis

Specifies the format for the data in the key store file.

Description

Valid values should always include 'JKS' and 'PKCS12', but different implementations may allow other values as well. If no value is provided, the JVM-default value is used. Changes to this configuration attribute will take effect the next time that the key manager is accessed.

Default value

None

Allowed values

Any key store format supported by the Java runtime environment.

Multi-valued

No

Required

No

Admin action required

None

Advanced

No

Read-only

No

Advanced properties

Use the --advanced option to access advanced properties.

java-class

Synopsis

The fully-qualified name of the Java class that provides the File Based Key Manager Provider implementation.

Default value

org.opends.server.extensions.FileBasedKeyManagerProvider

Allowed values

A Java class that extends or implements:

  • org.opends.server.api.KeyManagerProvider

Multi-valued

No

Required

Yes

Admin action required

The object must be disabled and re-enabled for changes to take effect.

Advanced

Yes

Read-only

No

Copyright © 2010-2024 ForgeRock, all rights reserved.