Configuration Reference Home
Oracle Unified Directory - Trust Store Local Backend Workflow Element

Trust Store Local Backend Workflow Element

The Trust Store Local Backend Workflow Element provides an LDAP view of a file-based trust store. It is used by the administrative cryptographic framework.

Parent Component

The Trust Store Local Backend Workflow Element component inherits from the Local Backend Workflow Element

Relations From this Component

The following components have a direct COMPOSITION relation FROM Trust Store Local Backend Workflow Elements :

Properties

A description of each property follows.


Basic Properties: Advanced Properties:
↓ base-dn ↓ java-class
↓ enabled
↓ key-store-file
↓ key-store-pin
↓ key-store-pin-environment-variable
↓ key-store-pin-file
↓ key-store-pin-file-encryption
↓ key-store-pin-property
↓ key-store-type
↓ referrals-url
↓ trust-store-file
↓ trust-store-pin
↓ trust-store-pin-environment-variable
↓ trust-store-pin-file
↓ trust-store-pin-file-encryption
↓ trust-store-pin-property
↓ trust-store-type
↓ writability-mode

Basic Properties

base-dn

Description
Specifies the base DN(s) for the data that the backend handles. A single backend may be responsible for one or more base DNs. Note that no two backends may have the same base DN although one backend may have a base DN that is below a base DN provided by another backend. If any of the base DNs is subordinate to a base DN for another backend, then all base DNs for that backend must be subordinate to that same base DN.
Default Value
None
Allowed Values
A valid DN.
Multi-valued
Yes
Required
Yes
Admin Action Required
None. No administrative action is required by default although some action may be required on a per-backend basis before the new base DN may be used.
Advanced Property
No
Read-only
No

enabled

Description
Indicates whether the Workflow Element is enabled for use in the server. If a Workflow Element is not enabled, then its contents are not accessible when processing operations.
Default Value
None
Allowed Values
true
false
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No

key-store-file

Description
Specifies the path to the file that stores the keys. If the key store type is not file based (like PKCS11), this value is not required. It may be an absolute path, or a path that is relative to the Oracle Unified Directory instance root.
Default Value
config/ads-keystore
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None
Advanced Property
No
Read-only
No

key-store-pin

Description
Specifies the clear-text PIN needed to access the Trust Store Local Backend Workflow Element .
Default Value
None
Allowed Values
Unknown
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the Trust Store Local Backend Workflow Element is accessed.
Advanced Property
No
Read-only
No

key-store-pin-environment-variable

Description
Specifies the name of the environment variable that contains the clear-text PIN needed to access the Trust Store Local Backend Workflow Element .
Default Value
None
Allowed Values
The name of a defined environment variable that contains the clear-text PIN required to access the contents of the key store.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the Trust Store Local Backend Workflow Element is accessed.
Advanced Property
No
Read-only
No

key-store-pin-file

Description
Specifies the path to the text file whose only contents should be a single line containing the clear-text PIN needed to access the Trust Store Local Backend Workflow Element .
Default Value
None
Allowed Values
A path to an existing file that is readable by the server.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the Trust Store Local Backend Workflow Element is accessed.
Advanced Property
No
Read-only
No

key-store-pin-file-encryption

Description
Indicates if the provided key store pin must be encrypted before writing in the file. This attribute is valid only if the pin is stored in a file. If true, the stored password is encrypted using a server specific encryption method.
Default Value
false
Allowed Values
true
false
Multi-valued
No
Required
No
Admin Action Required
None
Advanced Property
No
Read-only
No

key-store-pin-property

Description
Specifies the name of the Java property that contains the clear-text PIN needed to access the Trust Store Local Backend Workflow Element .
Default Value
None
Allowed Values
The name of a defined Java property.
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the Trust Store Local Backend Workflow Element is accessed.
Advanced Property
No
Read-only
No

key-store-type

Description
Specifies the format for the data in the key store file. Valid values should always include 'JKS' and 'PKCS12', but different implementations may allow other values as well.
Default Value
The JVM default value is used.
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property take effect the next time that the key manager is accessed.
Advanced Property
No
Read-only
No

referrals-url

Description
The URLs that should be returned when the server is not able to fulfill the requests. Set of LDAP URLs providing a reference to an alternate location in which an operation may be processed. If not defined, URLs provided by the replication service will be used.
Default Value
None
Allowed Values
A LDAP URL compliant with RFC 2255.
Multi-valued
Yes
Required
No
Admin Action Required
None
Advanced Property
No
Read-only
No

trust-store-file

Description
Specifies the path to the file that stores the trust information. It may be an absolute path, or a path that is relative to the Oracle Unified Directory instance root.
Default Value
config/ads-truststore
Allowed Values
A String
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No

trust-store-pin

Description
Specifies the clear-text PIN needed to access the Trust Store Local Backend Workflow Element .
Default Value
None
Allowed Values
Unknown
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the Trust Store Local Backend Workflow Element is accessed.
Advanced Property
No
Read-only
No

trust-store-pin-environment-variable

Description
Specifies the name of the environment variable that contains the clear-text PIN needed to access the Trust Store Local Backend Workflow Element .
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the Trust Store Local Backend Workflow Element is accessed.
Advanced Property
No
Read-only
No

trust-store-pin-file

Description
Specifies the path to the text file whose only contents should be a single line containing the clear-text PIN needed to access the Trust Store Local Backend Workflow Element .
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the Trust Store Local Backend Workflow Element is accessed.
Advanced Property
No
Read-only
No

trust-store-pin-file-encryption

Description
Indicates if the provided truststore pin must be encrypted before writing in the file. This attribute is valid only if the pin is stored in a file. If true, the stored password is encrypted using a server specific encryption method.
Default Value
false
Allowed Values
true
false
Multi-valued
No
Required
No
Admin Action Required
None
Advanced Property
No
Read-only
No

trust-store-pin-property

Description
Specifies the name of the Java property that contains the clear-text PIN needed to access the Trust Store Local Backend Workflow Element .
Default Value
None
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property will take effect the next time that the Trust Store Local Backend Workflow Element is accessed.
Advanced Property
No
Read-only
No

trust-store-type

Description
Specifies the format for the data in the key store file. Valid values should always include 'JKS' and 'PKCS12', but different implementations may allow other values as well.
Default Value
JKS
Allowed Values
A String
Multi-valued
No
Required
No
Admin Action Required
None. Changes to this property take effect the next time that the key manager is accessed.
Advanced Property
No
Read-only
No

writability-mode

Description
Specifies the behavior that the backend should use when processing write operations.
Default Value
enabled
Allowed Values
disabled - Causes all write attempts to fail.

enabled - Allows write operations to be performed in that backend (if the requested operation is valid, the user has permission to perform the operation, the backend supports that type of write operation, and the global writability-mode property is also enabled).

internal-only - Causes external write attempts to fail but allows writes by replication and internal operations.


Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
No
Read-only
No


Advanced Properties

java-class

Description
Specifies the fully-qualified name of the Java class that provides the Trust Store Local Backend Workflow Element implementation.
Default Value
org.opends.server.workflowelement.localbackend.TrustStoreLocalBackendWorkflowElement
Allowed Values
A java class that implements or extends the class(es) :
org.opends.server.workflowelement.WorkflowElement
Multi-valued
No
Required
Yes
Admin Action Required
None
Advanced Property
Yes
Read-only
No


Copyright © 2017, 2020, Oracle and/or its affiliates. All rights reserved.