Import and export keys.
Generate keys manually or automatically, and control the number of active keys.
Parent
Configure LTPA and working with keys
To support SSO in WebSphere Application Server across multiple WebSphere Application Server domains or cells, you must share the LTPA keys and the password among the domains. We can import LTPA keys from other domains and export keys to other domains.
You should disable automatic key generation if you import or export keys to or from another cell. This disabling causes the imported keys to get lost and the exported keys to no longer interoperate with this cell over time
We must recycle the node agents and application servers to accept the new keys. If any of the node agents are down, run a manual file synchronization utility from the node agent machine to synchronize the security configuration from the deployment manager.
Read the Importing Lightweight Third Party Authentication keys and Exporting Lightweight Third Party Authentication keys articles for more information.
What to do next
Manage keys from multiple cells.
Subtopics
- Disable automatic generation of Lightweight Third Party Authentication keys
We can disable the automatic generation of new LTPA keys for key sets that are members of a key set group. Automatic generation creates new keys on a schedule specified when you configure a key set group, which manages one or more key sets. WAS uses key set groups to automatically generate cryptographic keys or multiple synchronized key sets.
- Export Lightweight Third Party Authentication keys
To support SSO in WebSphere Application Server across multiple WebSphere Application Server domains or cells, you must share the LTPA keys and the password among the domains.
- Import Lightweight Third Party Authentication keys
To support SSO in WebSphere Application Server across multiple WebSphere Application Server domains or cells, you must share the LTPA keys and the password among the domains. We can import LTPA keys from other domains and export keys to other domains.
- Manage node agents
Node agents are administrative agents that represent a node to the system and manage the servers on that node. Node agents monitor application servers on a host system and route administrative requests to servers.
- Start an application server
When you start an application server, a new server process starts. This new server process is based on the process definition settings of the current server configuration.
- Directory conventions
References in product information to app_server_root, profile_root, and other directories imply specific default directory locations. Become familiar with the conventions in use for WebSphere Application Server.
Related tasks
Disable automatic generation of Lightweight Third Party Authentication keys Export Lightweight Third Party Authentication keys Import Lightweight Third Party Authentication keys Manage node agents Start an application server
Related information:
Directory conventions