About this task
Step 1 towards the goal: Configuring LTPA and working with keys
Procedure
Use the administrative console to configure LTPA or Kerberos when you set up security for the first time. The LTPA keys are generated automatically the first time. Read the "Configuring the Lightweight Third Party Authentication mechanism" article for more information. Application servers distributed in multiple nodes and cells can securely communicate using the LTPA protocol.

Key set groups contain lists of key sets and LTPA authentication key generation schedules. Each key set contains key references to keys in key stores. To generate keys automatically, each key set must be a member of a key set group. Read the "Lightweight Third Party Authentication key sets and key set groups" article for more information.

The keys for some key configurations must be generated together. The LTPA key pair is referenced in one key set while the secret or private key is in a separate key set. When the key set group is created, the two key sets are added as members of the key set group. Key set group settings determine whether the keys for both key sets are generated together automatically or manually.

The key set group contains the following attributes:
- Member key sets
- Choice of either manual or automatic key generation in the member key sets
- Schedule for automatically generating keys