Secure > Enhance site security
Initialize KLF in WebSphere Commerce
To retrieve the merchant key from a medium other than the WebSphere Commerce configuration file, define the encryption key providers in a separate custom key configuration file called, for example, CustomKeys.xml. Once you have defined this file, to make the external merchant key available to the commerce runtime, you must add the KeysConfigFile attribute, specified in the <Instance> section of the commerce configuration file. By defining this attribute, the Key Locator Framework (KLF) will retrieve the merchant key using the encryption key provider specified in the CustomKeys.xml instead of retrieving it from the commerce configuration file.
The value of the KeysConfigFile attribute is the location of the CustomKeys.xml relative to a path specified in the classpath of the commerce application. When commerce runtime reads this attribute from the commerce configuration file, it will load the custom keys configuration file as a resource from the classpath.
For example, if you deploy...
WC_EAR/xml/config/CustomKeys.xml
...since WC_EAR/xml directory is on the default classpath of commerce application, specify the following attribute in the commerce configuration file:
KeysConfigFile = "config/CustomKeys.xml"
If the KeysConfigFile attribute is not present in the WebSphere Commerce configuration file, the WebSphere Commerce runtime environment will load the configuration file from the following hard-coded location:
WC_EAR/xml/config/WCKeys.xml
See: Deploying J2EE assets for a partial application
The default WCKeys.xml applies to all instances. This default WCKeys.xml file will contain a WCMerchantKeyImpl provider, which will continue to read the merchant key from the file.
However, if the customer wants to store the merchant key in another location, such as in an external file or hardware device, they must add the KeysConfigFile attribute to the WebSphere Commerce configuration file, which specifies the location of their customized WCKeys.xml file relative to the classpath of the WebSphere Commerce application. This customized WCKeys.xml file will register the new encryption key provider class, which manages the merchant key stored in the new location.
See also