WAS v8.5 > Secure applications > Authenticate users > Select an authentication mechanism > LTPALightweight Third Party Authentication key sets and key set groups
Key set groups contain lists of key sets and Lightweight Third Party Authentication (LTPA) key generation schedules. Each key set contains key references to keys in key stores.
It is not recommended that you choose to generate new keys automatically . Keys should only be generated during off hours. Once keys are generated, we might need to export the keys and to import the keys to other WebSphere cells or IBM products in which the keys are required to be sync to communicate with each other.
The keys for some key configurations must be generated together. The LTPA key pair is referenced in one key set while the secret or private key is in a separate key set. When the key set group is created, the two key sets are added as members of the key set group. Key set group settings determine whether the keys for both key sets are generated together automatically or manually.
The key set group contains the following attributes:
- Member key sets
- Choice of either manual or automatic key generation in the member key sets
- Schedule for automatically generating keys
Related
Generate LTPA keys
Importing LTPA keys
Export LTPA keys
Disable automatic generation of LTPA keys
Change the number of active LTPA keys