WebSphere Application Server Network Deployment, Version 6.1
             Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

             Personalize the table of contents and search results

Key set groups settings

Use this page to create new key set groups.

To view this administrative console page, click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration . Under Related items, click Key set groups > New.

Automatically generate keys

Specifies that the keys are generated automatically on a schedule. When a new key is generated, the security.xml is updated and saved by the runtime to track the key reference version. This can cause save conflicts when updating the same file from admin applications.

Default for Versions 6.0.x through 6.1.0.21 Enabled

Configuration tab

Key set group name

Specifies the name of key set group used. This name can be referenced using the com.ibm.websphere.crypto.KeySetHelper API to retrieve the managed keys from an application.

Data type: Text
Key sets

Specifies a set of key instances of the same type for use in cryptographic operations.

Add

Specifies to add the selected key set part of this key set group.

Remove

Specifies to remove the selection from the Key sets list.

Scheduled time for generation

Specifies the scheduled time when the system generates selected key set group or groups. You can specify the scheduled time in hours and minutes; specify either A.M. or P.M., or specify 24-hour. You can also specify the day of the week you want the scheduled event to occur. It is recommended that you set this event to occur during a low peak time, especially for keys that are used by runtime for token validation.

Data type Integer
Default: 0, 0
Range: 1–12, 0–59
Generate on a specific day

Specifies whether to have the generation occur on a specific day of the week. It is best to auto-generate keys during a low peak day.

Default: Enabled
Weekday

Specifies the day of the week on which the expiration monitor will run if the Check on a specific day option is selected.

Default: Sunday
Range: Sunday, Monday, Tuesday, Wednesday, Thursday, Friday, Saturday
Repeat interval

Specifies the period of time between each schedule time to check for expired certificates or the interval between schedule checks.

Default: Daily
Range: Daily, Weekly
Generate at an interval

Specifies to generate keys at the specified frequency regardless of the day of the week on which generation occurs.

Default: Disabled
Next start date

Specifies the date for the next scheduled check. This allows the deployment manager to be stopped and restarted without resetting the date.




Related tasks
Creating a Secure Sockets Layer configuration
Related reference
Key stores and certificates collection
Key set groups collection
Reference topic    

Terms of Use | Feedback

Last updated: Feb 25, 2009 9:32:38 AM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.nd.multiplatform.doc/info/ae/ae/usec_sslnewkeysetgrp.html