Configure LTPA and generate the first LTPA keys.

About this task

Step 1 towards the goal: Configuring LTPA and working with keys

Procedure

Use the administrative console to configure LTPA or Kerberos when you set up security for the first time. The LTPA keys are generated automatically the first time. Read the Configuring the Lightweight Third Party Authentication mechanism article for more information. Application servers distributed in multiple nodes and cells can securely communicate using the LTPA protocol. Key set groups contain lists of key sets and LTPA authentication key generation schedules. Each key set contains key references to keys in key stores. To generate keys automatically, each key set must be a member of a key set group.

Read the Lightweight Third Party Authentication key sets and key set groups article for more information.

The keys for some key configurations must be generated together. The LTPA key pair is referenced in one key set while the secret or private key is in a separate key set. When the key set group is created, the two key sets are added as members of the key set group. Key set group settings determine whether the keys for both key sets are generated together automatically or manually.

The key set group contains the following attributes:
  • Member key sets
  • Choice of either manual or automatic key generation in the member key sets
  • Schedule for automatically generating keys

What to do next

Generate keys manually or automatically, and control the number of active keys.
Task topic    

Terms and conditions for information centers | Feedback

Last updated: April 17, 2014 04:48 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-base-iseries&topic=tsec_ltpa_and_keys_step1
File name: tsec_ltpa_and_keys_step1.html