Configuration Reference Home
OpenDJ - PKCS11 Key Manager Provider

PKCS11 Key Manager Provider

The PKCS11 Key Manager Provider enables the server to access the private key information through the PKCS11 interface.

This standard interface is used by cryptographic accelerators and hardware security modules.

Parent Component

The PKCS11 Key Manager Provider component inherits from the Key Manager Provider

Properties

A description of each property follows.


Basic Properties: Advanced Properties:
↓ enabled ↓ java-class
↓ key-store-pin
↓ key-store-pin-environment-variable
↓ key-store-pin-file
↓ key-store-pin-property

Basic Properties

enabled

Description
Indicates whether the Key Manager Provider is enabled for use.
Default Value
None
Allowed Values
true
false
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No

key-store-pin

Description
Specifies the clear-text PIN needed to access the PKCS11 Key Manager Provider .
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the PKCS11 Key Manager Provider is accessed.
Advanced Property
No
Read-only
No

key-store-pin-environment-variable

Description
Specifies the name of the environment variable that contains the clear-text PIN needed to access the PKCS11 Key Manager Provider .
Default Value
None
Allowed Values
The name of a defined environment variable that contains the clear-text PIN required to access the contents of the key store.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the PKCS11 Key Manager Provider is accessed.
Advanced Property
No
Read-only
No

key-store-pin-file

Description
Specifies the path to the text file whose only contents should be a single line containing the clear-text PIN needed to access the PKCS11 Key Manager Provider .
Default Value
None
Allowed Values
A path to an existing file that is readable by the server.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the PKCS11 Key Manager Provider is accessed.
Advanced Property
No
Read-only
No

key-store-pin-property

Description
Specifies the name of the Java property that contains the clear-text PIN needed to access the PKCS11 Key Manager Provider .
Default Value
None
Allowed Values
The name of a defined Java property.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the PKCS11 Key Manager Provider is accessed.
Advanced Property
No
Read-only
No


Advanced Properties

java-class

Description
The fully-qualified name of the Java class that provides the PKCS11 Key Manager Provider implementation.
Default Value
org.opends.server.extensions.PKCS11KeyManagerProvider
Allowed Values
A java class that implements or extends the class(es) :
org.opends.server.api.KeyManagerProvider
Multi-valued
No
Required
Yes
Admin Action Required
The PKCS11 Key Manager Provider must be disabled and re-enabled for changes to this setting to take effect
Advanced Property
Yes
Read-only
No