Child pages
  • Cryptography Service
Skip to end of metadata
Go to start of metadata

The openidm-crypto service manages a Java keystore and uses its keys to provide cryptography services to components within OpenIDM.

Configuration

root object

{
  "keystore": keystore object
}

"keystore": keystore object, required
The keystore that is used by the openidm-crypto component.

keystore object

{
  "type": string,
  "provider": string,
  "location": string,
  "password": string
}

"type": string, optional
The type of keystore. If omitted or null, the default keystore type as specified in the Java security properties file, or if undefined the string "jks" will be used.

"provider": string, optional
The name of the Java Security API provider to use. If omitted or null, the registered security providers are traversed, starting with the most preferred; the first provider that supports the specified type is used.

"location": string, optional
The URL of the keystore. If omitted or null, then the default keystore for the given provider is used. If a location is provided with no scheme, it is presumed to have a scheme of file.

"password": string, optional
The password with which to unlock the keystore and recover individually stored keys.

Note: In future mode of operation, properties (such as "password") will be able to contain an object to reference an externally stored value:

{ "$ref": url }
  • No labels