OpenDS - File Based Trust Manager Provider

File Based Trust Manager Provider

The file-based trust manager provider determines whether to trust a presented certificate based on whether that certificate exists in a server trust store file.

The trust store file can be in either JKS (the default Java key store format) or PKCS#12 (a standard certificate format) form.

Parent Component

The File Based Trust Manager Provider component inherits from the Trust Manager Provider.






Properties

A description of each property follows.


Basic Properties:
enabled
trust-store-file
trust-store-pin
trust-store-pin-environment-variable
trust-store-pin-file
trust-store-pin-property
trust-store-type

Advanced Properties:
java-class

Basic Properties

enabled

Description
Indicates whether the Trust Manager Provider is enabled for use.
Default Value
None
Allowed Values
true
false
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No

trust-store-file

Description
Specifies the path to the file containing the trust information. It can be an absolute path or a path that is relative to the OpenDS Directory Server instance root. Changes to this configuration attribute take effect the next time that the trust manager is accessed.
Default Value
None
Allowed Values
An absolute path or a path that is relative to the OpenDS Directory Server instance root.
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No

trust-store-pin

Description
Specifies the clear-text PIN needed to access the File Based Trust Manager Provider.
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the File Based Trust Manager Provider is accessed.
Advanced Property
No
Read-only
No

trust-store-pin-environment-variable

Description
Specifies the name of the environment variable that contains the clear-text PIN needed to access the File Based Trust Manager Provider.
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the File Based Trust Manager Provider is accessed.
Advanced Property
No
Read-only
No

trust-store-pin-file

Description
Specifies the path to the text file whose only contents should be a single line containing the clear-text PIN needed to access the File Based Trust Manager Provider.
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the File Based Trust Manager Provider is accessed.
Advanced Property
No
Read-only
No

trust-store-pin-property

Description
Specifies the name of the Java property that contains the clear-text PIN needed to access the File Based Trust Manager Provider.
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the File Based Trust Manager Provider is accessed.
Advanced Property
No
Read-only
No

trust-store-type

Description
Specifies the format for the data in the trust store file. Valid values always include 'JKS' and 'PKCS12', but different implementations can allow other values as well. If no value is provided, then the JVM default value is used. Changes to this configuration attribute take effect the next time that the trust manager is accessed.
Default Value
None
Allowed Values
Any key store format supported by the Java runtime environment. The "JKS" and "PKCS12" formats are typically available in Java environments.
Multi-valued
No
Required
No
Admin Action Required
None
Advanced Property
No
Read-only
No


Advanced Properties

java-class

Description
The fully-qualified name of the Java class that provides the File Based Trust Manager Provider implementation.
Default Value
org.opends.server.extensions.FileBasedTrustManagerProvider
Allowed Values
A Java class that implements or extends the class(es):
org.opends.server.api.TrustManagerProvider
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
Yes
Read-only
No


LDAP Mapping

Each configuration property can be mapped to a specific LDAP attribute under the "cn=config" entry. The mappings that follow are provided for information only. In general, you should avoid changing the server configuration by manipulating the LDAP attributes directly.

Base DN
cn=Trust Manager Providers,cn=config
objectclass name
ds-cfg-file-based-trust-manager-provider
objectclass superior
ds-cfg-trust-manager-provider

Property                                LDAP attribute
enabled                                 ds-cfg-enabled
java-class                              ds-cfg-java-class
trust-store-file                        ds-cfg-trust-store-file
trust-store-pin                         ds-cfg-trust-store-pin
trust-store-pin-environment-variable    ds-cfg-trust-store-pin-environment-variable
trust-store-pin-file                    ds-cfg-trust-store-pin-file
trust-store-pin-property                ds-cfg-trust-store-pin-property
trust-store-type                        ds-cfg-trust-store-type
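
An added example, not part of the OpenDS documentation: a read-only Python audit over an exported configuration LDIF that uses the LDAP attribute names mapped above to flag providers that store the PIN in clear text through trust-store-pin, set more than one PIN source, or leave trust-store-type to the JVM default. The sample entries, their DNs and paths are constructed, and what counts as a finding is this example's assumption.

```python
import base64

PROVIDER_OC = "ds-cfg-file-based-trust-manager-provider"
PIN_ATTRS = ("ds-cfg-trust-store-pin", "ds-cfg-trust-store-pin-environment-variable",
             "ds-cfg-trust-store-pin-file", "ds-cfg-trust-store-pin-property")

# Constructed sample entries (DNs, paths and PIN are made up for this example).
SAMPLE_LDIF = """\
dn: cn=JKS,cn=Trust Manager Providers,cn=config
objectClass: ds-cfg-file-based-trust-manager-provider
ds-cfg-enabled: true
ds-cfg-trust-store-file: config/truststore
ds-cfg-trust-store-pin: changeit

dn: cn=PKCS12,cn=Trust Manager Providers,cn=config
objectClass: ds-cfg-file-based-trust-manager-provider
ds-cfg-enabled: true
ds-cfg-trust-store-file: config/truststore.p12
ds-cfg-trust-store-type: PKCS12
ds-cfg-trust-store-pin-file: config/truststore.pin
"""

def parse_ldif(text):
    """Parse LDIF into a list of {lowercased attribute: [values]} entries."""
    entries = []
    for block in text.replace("\n ", "").split("\n\n"):  # unfold, then split entries
        entry = {}
        for line in block.splitlines():
            name, sep, value = line.partition(":")
            if not sep or line.startswith("#"):
                continue
            if value.startswith(":"):  # "attr:: <base64>" form
                value = base64.b64decode(value[1:].strip()).decode("utf-8", "replace")
            entry.setdefault(name.strip().lower(), []).append(value.strip())
        if entry:
            entries.append(entry)
    return entries

def audit(text):
    """Return (dn, finding) pairs for every file-based trust manager provider."""
    findings = []
    for e in parse_ldif(text):
        if PROVIDER_OC not in (v.lower() for v in e.get("objectclass", [])):
            continue
        dn, sources = e["dn"][0], [a for a in PIN_ATTRS if a in e]
        if "ds-cfg-trust-store-pin" in sources:
            findings.append((dn, "clear-text PIN stored in the configuration"))
        if len(sources) > 1:
            findings.append((dn, "several PIN sources set: " + ", ".join(sources)))
        if "ds-cfg-trust-store-type" not in e:
            findings.append((dn, "trust-store-type unset, JVM default applies"))
    return findings
```

Calling `audit(SAMPLE_LDIF)` reports the constructed JKS entry twice and the PKCS12 entry not at all.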