Oracle Unified Directory - Hardware Based Key Manager Provider

Hardware Based Key Manager Provider

Note: this is an abstract component, that cannot be instantiated.

The Hardware Based Key Manager Provider enables the server to access the private key information through a generic hardware based key store.

This standard interface is used by cryptographic accelerators and hardware security modules.

The following Hardware Based Key Manager Providers are available in the server :

These Hardware Based Key Manager Providers inherit from the properties described below.

The Hardware Based Key Manager Provider component inherits from the Key Manager Provider

A description of each property follows.

Basic Properties:	Advanced Properties:
↓ enabled	↓ java-class
↓ key-store-pin
↓ key-store-pin-environment-variable
↓ key-store-pin-file
↓ key-store-pin-property
↓ key-store-type

enabled

Description	Indicates whether the Key Manager Provider is enabled for use.
Default Value	None
Allowed Values	true false
Multi-valued	No
Required	Yes
Admin Action Required	None
Advanced Property	No
Read-only	No

key-store-pin

Description	Specifies the clear-text PIN needed to access the Hardware Based Key Manager Provider .
Default Value	None
Allowed Values	Unknown
Multi-valued	No
Required	No
Admin Action Required	None. Changes to this property will take effect the next time that the Hardware Based Key Manager Provider is accessed.
Advanced Property	No
Read-only	No

key-store-pin-environment-variable

Description	Specifies the name of the environment variable that contains the clear-text PIN needed to access the Hardware Based Key Manager Provider .
Default Value	None
Allowed Values	The name of a defined environment variable that contains the clear-text PIN required to access the contents of the key store.
Multi-valued	No
Required	No
Admin Action Required	None. Changes to this property will take effect the next time that the Hardware Based Key Manager Provider is accessed.
Advanced Property	No
Read-only	No

key-store-pin-file

Description	Specifies the path to the text file whose only contents should be a single line containing the clear-text PIN needed to access the Hardware Based Key Manager Provider .
Default Value	None
Allowed Values	A path to an existing file that is readable by the server.
Multi-valued	No
Required	No
Admin Action Required	None. Changes to this property will take effect the next time that the Hardware Based Key Manager Provider is accessed.
Advanced Property	No
Read-only	No

key-store-pin-property

Description	Specifies the name of the Java property that contains the clear-text PIN needed to access the Hardware Based Key Manager Provider .
Default Value	None
Allowed Values	The name of a defined Java property.
Multi-valued	No
Required	No
Admin Action Required	None. Changes to this property will take effect the next time that the Hardware Based Key Manager Provider is accessed.
Advanced Property	No
Read-only	No

key-store-type

Description	Specifies the format for the data in the key store file. The name of the key store type. If no value is provided, the JVM-default value is used. Changes to this configuration attribute will take effect the next time that the key manager is accessed.
Default Value	None
Allowed Values	Any key store format supported by the Java runtime environment.
Multi-valued	No
Required	No
Admin Action Required	None
Advanced Property	No
Read-only	No

java-class

Description	The fully-qualified name of the Java class that provides the Hardware Based Key Manager Provider implementation.
Default Value	org.opends.server.extensions.HardwareBasedKeyManagerProvider
Allowed Values	A java class that implements or extends the class(es) : org.opends.server.api.KeyManagerProvider
Multi-valued	No
Required	Yes
Admin Action Required	The Hardware Based Key Manager Provider must be disabled and re-enabled for changes to this setting to take effect
Advanced Property	Yes
Read-only	No