Table of Contents
This chapter describes the parameters that can be set to
the security.xml configuration file. This
file is generated by makebootconfig or
securityconfig and tells the Oracle NoSQL Database
server how to apply security.
The security.xml file specifies parameters that primarily control network communications. It contains top-level parameters, plus nested transport parameters. A transport is a grouping of parameter settings that are specific to a particular type of network connection.
A subset of all the configuration options listed below related to SSL can be specified through Java system properties, security file properties, or through the KVStoreConfig API. For more information, see SSL communication properties.
The following top-level parameters can be set to the
security.xml file:
internalAuth
Specifies how internal systems authenticate.
This parameter must be set to
SSL.
keystore
Identifies the keystore file within the security directory. This parameter is normally set to store.keys.
keystoreType
Identifies the type of keystore that the keystore property references. If not set, the Java default keystore type is assumed.
securityEnabled
To enable security this parameter must be set to true.
certMode
Specifies the key/certificate management model in use. This must be set to "shared".
truststore
Identifies the truststore file within the security directory. This is normally set to store.trust.
keystoreType
Identifies the type of keystore that the truststore property references. If not set, the Java default keystore type is assumed.
walletDir
Identifies a directory within the security directory that contains a wallet password store, which in turn holds the password for the keystore.
passwordFile
Identifies a file within the security directory that contains a file password store, which in turn holds the password for the keystore.