Defining Algorithm Keysets

Access the Algorithm Keyset page (PeopleTools > Security > Encryption > Encryption Algorithm Keysets). Each row displays a key value. You can add, modify, or remove key values.

Choose an algorithm ID or description to view the keyset of any algorithm in the database. The page changes depending upon which key storage location option you choose.

Using Certificate Store Value for the Key Storage Location

Select the Use Certificate Store Value option when the Keyset Value has been predefined within the Digital Certificates component. The system stores only the Digital Certificate Name, not the actual key text. This option enables you to take advantage of key values already stored in the PeopleSoft keystore.

See Configuring Digital Certificates.

This example illustrates the fields and controls on the Algorithm Keyset page when Use Certificate Store Value is selected.

Algorithm Keyset page with Use Certificate Store Value

Field or Control: Description

Keyset ID: Enter a name for the key value in the current row. Each row must have a unique keyset ID for this algorithm. Click the plus or minus buttons to add or remove rows.

Certificate Alias: Select a certificate alias from the keystore, then indicate whether the alias represents a certificate or a private key. This option is not enabled for aes* and 3des* algorithms.

Important! The certificate must be a local node certificate.

Note: Certificates in the PeopleSoft keystore are in standard X.509 format, which is compatible with the internal and OpenSSL algorithms.

Using Entered Value for the Key Storage Location

Select the Use Entered Value option to use key values that aren't in the PeopleSoft keystore.

Note: For aes* and 3des* algorithms, the Use Entered Value option is selected by default and cannot be changed.

This example illustrates the fields and controls on the Algorithm Keyset page when Use Entered Value is selected.

Algorithm Keyset page with Use Entered Value

Field or Control: Description

Keyset ID: Enter a name for the key value in the current row. Each row must have a unique keyset ID for this algorithm. Click the plus or minus buttons to add or remove rows.

Key Text: Enter a key value in the Key Text field that is formatted appropriately for the algorithm that you're configuring. This value will be entered into the PET keyset table, not the PeopleSoft keystore.

The value that you enter is validated against the requirements for all parameters. If the Key Text is valid for one or more parameters, those parameters are listed for review. You cannot save the key text unless it passes at least one parameter requirement.

Note: The key value that you enter here is stored in the PET keyset table using a combination of the algorithm ID and the keyset ID as its identifier. Because this combination is unique for each algorithm, you can create identically defined keyset rows for multiple algorithms.