 |
There are several new keys that must be added to the bsi.properties file to enable a key store, and these new properties must be configured for certification seal to work. Below is a list of the new keys and their use:
The alias of the certificate you wish to use for certification seal. For example, if your certificate was named "MyCert", you would add the following to the bsi.properties file: tamperseal.certificate.alias=MyCert.
The type of key store you wish to use. If not specified, Expere will default to "JKS" (a standard Java key store). Other possible values include "JCEKS", "PKCS11" and "PKCS12". For example: keystore.type=PKCS12.
The provider used to access the key store. If not specified, Expere will default to "SUN". For WebSphere environments, use the "IBMJCE" provider.
The URL of the key store where your certificate is stored (this may be a file path). For example: keystore.url=C:/keystore/keys.jks. If not specified, the default value of this key is null. When using a PKCS #11 key store, do not configure this key in the bsi.properties file.
The URL of a file containing the password for your key store. For this to work you must create a text file with the password of your key store in the body file and ensure that Expere has read rights to the file. Then, configure this setting to point to that password file. For example: keystore.url=C:/secrets/keystorepassword.txt .
The URL of a file containing the password for the private key of your certificate. If not specified, Expere will default to the value of keystore.password.url. Configure your environment in the same way as you did when setting up the keystore.password.url key.
|