Certificate Authority Stores Configuration
From iDENprotect Knowledge Base
Contents
If you have not made any configuration changes yet, please see How to make configuration changes
Introduction
The idenprotect Core Platform can integrate with an external CA or it can use its own internal CA. Not all parameters are required for all CA Types.
Other CA related articles are Certificate Authority Server Configuration, Certificate Authority Profile Name Configuration
For more information on specific Certificate Authorities, see one of the following articles:
- Internal Certificate Authority
- EJBCA
- Soap Services Certificate Authority
- Microsoft Certificate Services Certificate Authority
Any changes made to the CA Configuration will require a server restart in order for the changes to take effect.
Configurable Settings
- CA Stores Configuration in the idenprotect Core Platform Admin Console Config Tab
- Server file system in
/etc/idenprotect/ca.properties
| Parameter in Config Tab | Parameter in Properties File | Description |
|---|---|---|
CA Key Store Alias
|
ca.keystore.alias
|
Alias for CA Private Key |
CA Key Store Password
|
ca.keystore.pass
|
Password for CA Key Store |
CA Key Store Path
|
ca.keystore.path
|
Path to CA Key Store |
CA Key Store Subject
|
ca.keystore.subject
|
The subject of the root CA Cert (if idenprotect creates it) |
Key Store
|
ca.backend.ejbca.keyStore
|
Keystore used when making mutual TLS connection to EJBCA |
Key Store Password
|
ca.backend.ejbca.keyStorePassword
|
Password for keystore |
Key Store Type
|
ca.backend.ejbca.keyStoreType
|
Keystore type, eg PKCS12 |
Trust Store
|
ca.backend.ejbca.trustStore
|
Trust store used when making mutual TLS connection to EJBCA |
Trust Store Password
|
ca.backend.ejbca.trustStorePassword
|
Password for truststore |
Trust Store Type
|
ca.backend.ejbca.trustStoreType
|
Keystore type, eg PKCS12 |
