Key sets settings
Use this page to set the properties for a new key set.
To view this administrative console page, click
. Under Configuration settings, click . Under Related items, click .Key set name
Specifies the key set name that is used to select the key set from a key set group and from runtime application programming interfaces (API).
Information | Value |
---|---|
Data type: | Text |
Management scope
Specifies the scope where this Secure Sockets Layer (SSL) configuration is visible. For example, if you choose a specific node, then the configuration is only visible on that node and any servers that are part of that node.
Information | Value |
---|---|
Data type | List |
Range: | Applicable scopes |
Key alias prefix name
Specifies the prefix for the key alias when a new key is generated and stored in a keystore. The rest of the key alias comes from the key reference version number. For example, if the alias prefix is mykey and the key reference version is 2, the keystore references the key using alias mykey_2. If the key reference already has a specified alias for a key already existing in the keystore, this field is ignored.
Information | Value |
---|---|
Data type: | Text |
Key password
Specifies the password used to protect the key in the keystore. If a password is specified in the key reference as well, this password is ignored. This password is used for keys that get generated by a key generator class.
Information | Value |
---|---|
Data type: | Text |
Confirm password
Specifies the same password again to confirm it was entered correctly the first time.
Information | Value |
---|---|
Data type: | Text |
Key generator class name
Specifies the class name that generates keys. If the class implements com.ibm.websphere.crypto.KeyGenerator, then a getKey() method should return a java.security.Key object that is set in the key store using the setKey method without a certificate chain. The key store type associated with the key set must support storing keys without certificates, such as JCEKS.
Information | Value |
---|---|
Data type: | Text |
If the class implements com.ibm.websphere.crypto.KeyPairGenerator, then a getKeyPair() method should return a com.ibm.websphere.crypto.KeyPair object containing either a java.security.PublicKey and java.security.PrivateKey, or a java.security.cert.Certificate[] and a java.security.PrivateKey. The key generator class and the caller of the KeySetHelper API should know the details of the keys that are generated. This framework does not need to understand the key algorithms and lengths.
Delete key references that are beyond the maximum number of keys
Specifies that the keys are deleted from the keystore at the same time that the key reference is deleted. The server deletes the older key references as the Maximum number of keys referenced value is exceeded.
Maximum number of keys referenced
Specifies the maximum number of key instances that are returned when keys from this key set are requested. The oldest key reference gets removed whenever a new key reference gets generated after the maximum has been reached.
Information | Value |
---|---|
Data type: | Integer |
Default: | 3 |
Key store
Specifies the key store that contains the keys for storage, retrieval, or both.
Information | Value |
---|---|
Data type: | Text |
Generates key pair
Specifies that a key references a key pair instead of a key. The key pair contains both a public key and a private key.