Security Administration Properties |
|
Component |
Property name |
Default value |
Description |
|---|---|---|---|
Security Administration |
certificatemanager.keystore.location |
$JAVA_HOME/lib/security/cacerts |
The location of the java keystore file. |
|
certificatemanager.keystore.java.enabled |
true |
Enables the Java keystore. |
|
certificatemanager.keystore.expiry |
3600 (1 hour) |
Keystore will be reloaded when 'expiry time' is passed. |
|
certificatemanager.validation.revocation.enabled |
false |
Enables Process Platform revocation checking of certificates. |
|
com.ibm.jsse2.checkRevocation |
true |
Enables revocation checking. Note: Applicable only when IBM Java security provider is used). |
|
ocsp.enable |
true |
Enables OCSP protocol to be used for revocation check . |
|
com.ibm.security.enableCRLDP |
true |
Enables CRL retrieval through certificate distribution points. Note: Applicable for IBM security provider only. |
|
com.sun.security.enableCRLDP |
true |
Enable CRL retrieval through certificate distribution points. Note: Appicable for SUN security provider only. |
|
ocsp.responderURL |
|
Sets default OCSP responder URL; overrules individual responder URLs found inside certificates. |
|
|
|
|
|
com.eibus.security.x509.validCertificateCache |
1000 |
Cache size for validated certificate chains. |
|
com.eibus.security.x509.validCertificateCache.expirytime |
8 hours |
Time after which validated certificate chains will be removed from cache. |
|
|
|
|
Java Secure Socket Extension (JSSE) |
All |
|