jct-cert-keyfile-stash

jct-cert-keyfile-stash = file_name

Description

WebSEAL provides an option to configure a separate certificate key database for junction SSL operations rather than sharing the one used for client certificates specified in the [ssl] stanza. The jct-cert-keyfile-stash parameter specifies the stash file for the optional, separate junction certificate database. This stanza entry is commented out in the WebSEAL configuration file. To enable the option of using a separate certificate key database for junctioned servers, create the pdjct.kdb keyfile (and optional stash file) using iKeyman, and uncomment the options jct-cert-keyfile and jct-cert-keyfile-stash in the configuration file.

Options

file_name

The name of the stash file for the optional, separate junction certificate database.

If jct-cert-keyfile is defined, jct-cert-keyfile-stash must also be defined.

Usage: Optional

Default:

pdjct.sth

Example:

jct-cert-keyfile-stash = pdjct.sth

Parent topic: [junction] stanza