Previous Step   Previous Step Next Step   Next Step

Generate keys manually or automatically, and control the number of active keys.

Map Step 2 towards the goal: Configuring LTPA and working with keys

About this task

WebSphere® Application Server generates Lightweight Third Party Authentication (LTPA) keys automatically during the first server startup. You can generate additional keys as you need them in the Authentication mechanisms and expiration panel.

You can disable the automatic generation of new LTPA keys for key sets that are members of a key set group. Automatic generation creates new keys on a schedule that you specify when you configure a key set group, which manages one or more key sets. WebSphere® Application Server uses key set groups to automatically generate cryptographic keys or multiple synchronized key sets.

Generating keys manually or enabling or disabling the generation of keys are tasks that require you to recycle the node agents and application servers to accept the new keys. If any of the node agents are down, run a manual file synchronization utility from the node agent machine to synchronize the security configuration from the deployment manager.

Key sets manage LTPA keys in a key store that is based on a key alias prefix. A key alias prefix is automatically generated when you generate a new key and store it in a key store. Key stores can contain multiple versions of keys for any given key alias prefix. You can specify a maximum number of active keys in the key set configuration.

Read the Generating Lightweight Third Party Authentication keys article for more information.

Before you begin

Configure LTPA and generate the first LTPA keys.

Supporting information (generally applicable)

What to do next

Import and export keys.

Previous Step   Previous Step Next Step   Next Step


Terms of Use | Feedback

Last updated: Sep 19, 2011 6:13:59 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-express-dist&topic=tsec_ltpa_and_keys_step2
File name: tsec_ltpa_and_keys_step2.html