Secure LTPA keys on a production environment
LTPA keys encrypt user authentication sessions and cookies. To regenerate the LTPA key, from the WAS admin console...Security | Secure administration, applications, and infrastructure | Authentication mechanisms and expiration | Key Generation | NodeLTPAKeySetGroup | Generate Keys | Save
By default, WAS is configured to automatically regenerate the LTPA keys every 90 days. If you setup single sign-on to export the LTPA key and then import it on another server, disable the automatic key generation; otherwise, single sign-on fails after 90 or 180 days because of regenerated keys.
Security | Secure administration, applications, and infrastructure | Authentication mechanisms and expiration | Key generation - Key set groups | NodeLTPAKeySetGroup | Key generation - Automatically generate keys (unselect) | OK | Save
Parent: Securing