WAS v8.5 > Reference > Commands (wsadmin scripting)KeySetCommands command group for AdminTask
We can use the Jython or Jacl scripting languages to configure security with wsadmin. The commands and parameters in the KeySetCommands group can be used to create, delete, and query for key set settings in your configuration.
The KeySetCommands command group for AdminTask includes the following commands:
createKeySet
The createKeySet command creates the key set settings in the configuration. Use this command to control key instances that have the same type.
Target object None.
Required parameters
- -name
- Name that uniquely identifies the key set. (String, required)
- -aliasPrefix
- Prefix for the key alias when a new key generates. (String, required)
- -password
- Password that protects the key in the keystore. (String, required)
- -maxKeyReferences
- Maximum number of key references from the returned keys in the key set of interest. (Integer, required)
- -keyStoreName
- Keystore containing the keys. (String, required)
Optional parameters
- -scopeName
- Unique name of the management scope. (String, optional)
- -deleteOldKeys
- Set Set true to to delete old keys when new keys are generated. Otherwise, set the value of this parameter to false. (Boolean, optional)
- -keyGenerationClass
- Class used to generate new keys in the key set. (String, optional)
- -keyStoreScopeName
- Management scope where the keystore is located. (String, optional)
- -isKeyPair
- Set Set true to if the keys in the key set are key pairs. Otherwise, set the value of this parameter to false. (Boolean, optional)
Example output The command returns the configuration object name of the key set object created.
Examples
Batch mode example usage:
Jacl:
$AdminTask createKeySet {-name testKeySet –aliasPrefix test –password pwd –maxKeyReferences 2 –deleteOldKeys true –keyStoreName testKeyStore –isKeyPair false}Jython string:
AdminTask.createKeySet('[-name testKeySet –aliasPrefix test –password pwd –maxKeyReferences 2 –deleteOldKeys true –keyStoreName testKeyStore –isKeyPair false]')Jython list:
AdminTask.createKeySet(['-name', 'testKeySet', '–aliasPrefix', 'test', '–password', 'pwd', '–maxKeyReferences', '2', '–deleteOldKeys', 'true', '–keyStoreName', 'testKeyStore', '–isKeyPair', 'false'])
Interactive mode example usage:
Jacl:
$AdminTask createKeySet {-interactive}
Jython string:
AdminTask.createKeySet ('[-interactive]')
Jython list:
AdminTask.createKeySet (['-interactive'])
deleteKeySet
The deleteKeySet command deletes the settings of a key set from the configuration.
Target object None.
Required parameters
- -name
- The name that uniquely identifies the key set. (String, required)
Optional parameters
- -scopeName
- Unique name of the management scope. (String, optional)
Example output The command does not return output.
Examples
Batch mode example usage:
Jacl:
$AdminTask deleteKeySet{ -name testKeySet}
Jython string:
AdminTask.deleteKeySet('[-name testKeySet]')
Jython list:
AdminTask.deleteKeySet(['-name', 'testKeySet'])
Interactive mode example usage:
Jacl:
$AdminTask deleteKeySet {-interactive}
Jython string:
AdminTask.deleteKeySet ('[-interactive]')
Jython list:
AdminTask.deleteKeySet (['-interactive'])
generateKeyForKeySet
The generateKeyForKeySet command generates keys for the keys in the key set.
Target object None.
Required parameters
- -keySetName
- Name of the key set. (String, required)
Optional parameters
- -keySetScope
- Scope of the key set. (String, optional)
- -keySetSaveConfig
- Set Set true to to save the configuration of the key set. Otherwise, set the value of this parameter to false. (Boolean, optional)
Example output The command does not return output.
Examples
Batch mode example usage:
Jacl:
$AdminTask generateKeyForKeySet{ -keySetName testKeySet }
Jython string:
AdminTask.generateKeyForKeySet('[-keySetName testKeySet]')
Jython list:
AdminTask.generateKeyForKeySet(['-keySetName', 'testKeySet'])
Interactive mode example usage:
Jacl:
$AdminTask generateKeyForKeySet {-interactive}
Jython string:
AdminTask.generateKeyForKeySet ('[-interactive]')
Jython list:
AdminTask.generateKeyForKeySet (['-interactive'])
getKeySet
The getKeySet command displays the settings of a particular key set.
Target object None.
Required parameters
- -name
- Name that uniquely identifies the key set. (String, required)
Optional parameters
- -scopeName
- Unique name of the management scope. (String, optional)
Example output The command returns the settings of the specified key set group.
Examples
:
Jacl:
$AdminTask getKeySet {-name testKeySet}
Jython string:
AdminTask.getKeySet ('[-name testKeySet]')
Jython list:
AdminTask.getKeySet (['-name', 'testKeySet'])
Interactive mode example usage:
Jacl:
$AdminTask getKeySet {-interactive}
Jython string:
AdminTask.getKeySet ('[-interactive]')
Jython list:
AdminTask.getKeySet (['-interactive'])
listKeySets
The listKeySets command lists the key sets in a particular scope.
Target object None.
Required parameters None.
Optional parameters
- -scopeName
- Unique name of the management scope. (String, optional)
- -displayObjectName
- Set Set true to to list the key set configuration objects within the scope. Set the value of this parameter to false to list the strings containing the key set group name and management scope. (Boolean, optional)
- -all
- Specify the value of this parameter as true to list all key sets. This parameter overrides the scopeName parameter. Default is false. (Boolean, optional)
Example output The command returns the key sets for the scope that you specified.
Examples
:
Jacl:
$AdminTask listKeySets {-displayObjectName true}
Jython string:
AdminTask.listKeySets ('[-displayObjectName true]')
Jython list:
AdminTask.listKeySets (['-displayObjectName', 'true'])
Interactive mode example usage:
Jacl:
$AdminTask listKeySets {-interactive}
Jython string:
AdminTask.listKeySets ('[-interactive]')
Jython list:
AdminTask.listKeySets (['-interactive'])
modifyKeySet
The modifyKeySet command changes the settings of an existing key set.
Target object None.
Required parameters
- -name
- Name that uniquely identifies the key set. (String, required)
Optional parameters
- -scopeName
- Unique name of the management scope. (String, optional)
- -aliasPrefix
- Prefix for the key alias when a new key generates. (String, optional)
- -password
- Password that protects the key in the keystore. (String, optional)
- -maxKeyReferences
- Maximum number of key references from the returned keys in the key set of interest. (Integer, optional)
- -deleteOldKeys
- Set Set true to to delete old keys when new keys are generated. Otherwise, set the value of this parameter to false. (Boolean, optional)
- -keyGenerationClass
- Class used to generate new keys in the key set. (String, optional)
- -keyStoreName
- Keystore containing the keys. (String, optional)
- -keyStoreScopeName
- Management scope where the keystore is located. (String, optional)
- -isKeyPair
- Set Set true to if the keys in the key set are key pairs. Otherwise, set the value of this parameter to false. (Boolean, optional)
Example output The command does not return output.
Examples
Batch mode example usage:
Jacl:
$AdminTask modifyKeySet {-name testKeySet -maxKeyReferences 3 –deleteOldKeys false}Jython string:
AdminTask.modifyKeySet ('[-name testKeySet -maxKeyReferences 3 –deleteOldKeys false]')Jython list:
AdminTask.modifyKeySet (['-name', 'testKeySet', '-maxKeyReferences', '3', '–deleteOldKeys', 'false'])
Interactive mode example usage:
Jacl:
$AdminTask modifyKeySet {-interactive}
Jython string:
AdminTask.modifyKeySet ('[-interactive]')
Jython list:
AdminTask.modifyKeySet (['-interactive'])
Related concepts:
Key management for cryptographic uses
Related
Use the wsadmin scripting AdminTask object for scripted administration
Create a key set configuration
Create an SSL configuration at the node scope using scripting
Reference:
Key sets settings