KeySetGroupCommands

Use the Jython or Jacl scripting languages to configure security with wsadmin. The commands and parameters in the KeySetGroupCommands group can be used to create and manage key set groups. Use these commands to manage groups of public, private, and shared keys.

The KeySetGroupCommands includes the following commands:

• deleteKeySetGroup
• generateKeyForKeySetGroup
• getKeySetGroup
• listKeySetGroups
• modifyKeySetGroup

 

deleteKeySetGroup

The deleteKeySetGroup command deletes the settings of a key set group from the configuration.

Target object

None.

Required parameters

-name

Name that uniquely identifies the key set group. (String, required)

Optional parameters

-scopeName

Unique name that identifies the management scope. (String, optional)To list the valid management scopes, we can run the listManagementScope task. For example:

wsadmin>$AdminTask listManagementScopes
"scopeName: (cell):IBM-2143376CB9ECell03 "  
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ECellManager03 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode02 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode04 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode05 "

Examples

Batch mode example usage:

• Jacl...

  $AdminTask deleteKeySetGroup {-name keySetGrp }
  

• Use Jython string:

  AdminTask.deleteKeySetGroup ('[-name keySetGrp]')
  

• Use Jython list:

  AdminTask.deleteKeySetGroup (['-name', 'keySetGrp'])
  

Interactive mode example usage:

• Jacl...

  $AdminTask deleteKeySetGroup {-interactive}
  

• Jython...

  AdminTask.deleteKeySetGroup('-interactive')
  

 

generateKeyForKeySetGroup

The generateKeysForKeySetGroup command generates keys for all of the keys in the key sets that make up the key set group.

Target object

None.

Required parameters

-keySetGroupName

Name of the key set group. (String, required)

Optional parameters

-keySetGroupScope

Scope of the key set group. (String, optional)To list the valid management scopes, we can run the listManagementScope task. For example:

wsadmin>$AdminTask listManagementScopes
"scopeName: (cell):IBM-2143376CB9ECell03 "  
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ECellManager03 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode02 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode04 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode05 "

-keySetGroupUpdateRuntime

Specifies to update the environment to use the newly generated keys at run time. (Boolean, optional)

-keySetGroupSaveConfig

Specifies to automatically save the change to the security configuration. (Boolean, optional)

Examples

Batch mode example usage:

• Jacl...

  $AdminTask generateKeyForKeySetGroup {-keySetGroupName keySetGrp}
  

• Use Jython string:

  AdminTask.generateKeyForKeySetGroup ('[-keySetGroupName keySetGrp]')
  

• Use Jython list:

  AdminTask.generateKeyForKeySetGroup (['-keySetGroupName', 'keySetGrp'])
  

Interactive mode example usage:

• Jacl...

  $AdminTask generateKeyForKeySetGroup {-interactive}
  

• Jython...

  AdminTask.generateKeyForKeySetGroup('-interactive')
  

 

getKeySetGroup

The getKeySetGroup command displays the settings of a particular key set group.

Target object

None.

Required parameters

-name

Name that uniquely identifies the key set group. (String, required)

Optional parameters

-scopeName

Unique name that identifies the management scope. (String, optional)To list the valid management scopes, we can run the listManagementScope task. For example:

wsadmin>$AdminTask listManagementScopes
"scopeName: (cell):IBM-2143376CB9ECell03 "  
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ECellManager03 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode02 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode04 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode05 "

Examples

Batch mode example usage:

• Jacl...

  $AdminTask getKeySetGroup { -name keySetGrp }
  

• Use Jython string:

  AdminTask.getKeySetGroup ('[-name keySetGrp]')
  

• Use Jython list:

  AdminTask.getKeySetGroup (['-name', 'keySetGrp'])
  

Interactive mode example usage:

• Jacl...

  $AdminTask getKeySetGroup {-interactive}
  

• Jython...

  AdminTask.getKeySetGroup('-interactive')
  

 

listKeySetGroups

The listKeySetGroups command lists the key set groups for a particular scope.

Target object

None.

Required parameters: None.

Optional parameters

-scopeName

Unique name that identifies the management scope. (String, optional)To list the valid management scopes, we can run the listManagementScope task. For example:

wsadmin>$AdminTask listManagementScopes
"scopeName: (cell):IBM-2143376CB9ECell03 "  
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ECellManager03 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode02 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode04 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode05 "

-displayObjectNames

If we set the value of this parameter to true, the command returns a list of all of the key set group objects within a scope. If we set the value of this parameter to false, the command returns a list of strings that contain the key set group name and management scope. (Boolean, optional)

-all

Specify the value of this parameter as true to list all key set groups. This parameter overrides the scopeName parameter. The default value is false. (Boolean, optional)

Examples

Batch mode example usage:

• Jacl...

  $AdminTask listKeySetGroups {-displayObjectName true}
  

• Use Jython string:

  AdminTask.listKeySetGroups ('[-displayObjectName true]')
  

• Use Jython list:

  AdminTask.listKeySetGroups (['-displayObjectName', 'true'])
  

Interactive mode example usage:

• Jacl...

  $AdminTask listKeySetGroups {-interactive}
  

• Jython...

  AdminTask.listKeySetGroups('-interactive')
  

 

modifyKeySetGroup

The modifyKeySetGroup command changes the settings of an existing key set group.

Target object

None.

Required parameters

-name

Name that uniquely identifies the key set group. (String, required)

Optional parameters

-scopeName

Unique name that identifies the management scope. (String, optional)To list the valid management scopes, we can run the listManagementScope task. For example:

wsadmin>$AdminTask listManagementScopes
"scopeName: (cell):IBM-2143376CB9ECell03 "  
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ECellManager03 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode02 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode04 " 
"scopeName: (cell):IBM-2143376CB9ECell03:(node):IBM-2143376CB9ENode05 "

-autoGenerate

Set the value of this parameter to true to automatically generate keys. If not, set the value to false. (Boolean, optional)

-wsScheduleName

Name of the scheduler to use to perform key generation. (String, optional)

-keySetObjectNames

A list of key set configuration names separated by colons (:). (String, optional)

Examples

Batch mode example usage:

• Jacl...

  $AdminTask modifyKeySetGroup {-name keySetGrp -autoGenerate false}
  

• Use Jython string:

  AdminTask.modifyKeySetGroup ('[-name keySetGrp -autoGenerate false]')
  

• Use Jython list:

  AdminTask.modifyKeySetGroup (['-name', 'keySetGrp', '-autoGenerate', 'false'])
  

Interactive mode example usage:

• Jacl...

  $AdminTask modifyKeySetGroup {-interactive}
  

• Jython...

  AdminTask.modifyKeySetGroup('-interactive')
  

---

Related concepts

Key management for cryptographic uses

 

Related tasks

Use AdminTask for scripted administration
Create a key set group configuration

 

Related

Key set groups settings