keydatabase-password

keydatabase-password = <db_password>

Description

Password for the key database in the keydatabase-file. The ISAM appliance uses stash files to manage the passwords for key files. As a result, key file passwords are not available to the administrator of the appliance.

If we do not know the password for the key database file, we can use the keydatabase-password-file entry to specify the name of the password stash file instead. If we configure the keydatabase-password-file entry, we can leave the keydatabase-password entry unconfigured. The Password Synchronization Plug-in requires knowledge of the database password. Therefore, if we do not configure the keydatabase-password-file entry, configure the keydatabase-password entry. To complete this configuration, follow this process:

1. Create the key file externally to the appliance. Use a known password to generate the new key file.
2. Import the key file on to the appliance.
3. Configure the keydatabase-password configuration entry with the known password for the Password Synchronization Plug-in.

Options

<db_password>

Password for the key database file.

Usage: If the is_enabled configuration entry in the [itim] stanza is set to true, we must set one of the following entries for the key database password:

• keydatabase-password
• keydatabase-password-file

If there is a value configured for both of these entries, WebSEAL uses the keydatabase-password.

Default: None.

Example: keydatabase-password = myPassword1

Parent topic: [itim] stanza