TrustStoreBackendConfiguration.xml revision d70586b00b9530ab99ab4b8f003e9a54793e419f
<?xml version="1.0" encoding="utf-8"?>
<!--
! CDDL HEADER START
!
! The contents of this file are subject to the terms of the
! Common Development and Distribution License, Version 1.0 only
! (the "License"). You may not use this file except in compliance
! with the License.
!
! You can obtain a copy of the license at legal-notices/CDDLv1_0.txt
! See the License for the specific language governing permissions
! and limitations under the License.
!
! When distributing Covered Code, include this CDDL HEADER in each
! file and include the License file at legal-notices/CDDLv1_0.txt.
! If applicable, add the following below this CDDL HEADER, with the
! fields enclosed by brackets "[]" replaced with your own identifying
! information:
! Portions Copyright [yyyy] [name of copyright owner]
!
! CDDL HEADER END
!
!
! Copyright 2007-2008 Sun Microsystems, Inc.
! -->
<adm:managed-object name="trust-store-backend"
plural-name="trust-store-backends" extends="backend"
package="org.forgerock.opendj.server.config" advanced="true"
xmlns:adm="http://opendj.forgerock.org/admin"
xmlns:ldap="http://opendj.forgerock.org/admin-ldap">
<adm:synopsis>
The
<adm:user-friendly-name />
provides an LDAP view of a file-based trust store. It is used by the
administrative cryptographic framework.
</adm:synopsis>
<adm:profile name="ldap">
<ldap:object-class>
<ldap:name>ds-cfg-trust-store-backend</ldap:name>
<ldap:superior>ds-cfg-backend</ldap:superior>
</ldap:object-class>
</adm:profile>
<adm:property-override name="java-class" advanced="true">
<adm:default-behavior>
<adm:defined>
<adm:value>
</adm:value>
</adm:defined>
</adm:default-behavior>
</adm:property-override>
<adm:property-override name="writability-mode">
<adm:default-behavior>
<adm:defined>
<adm:value>enabled</adm:value>
</adm:defined>
</adm:default-behavior>
</adm:property-override>
<adm:property name="trust-store-file" mandatory="true">
<adm:TODO>Should use a file-based property definition?</adm:TODO>
<adm:synopsis>
Specifies the path to the file that stores the trust information.
</adm:synopsis>
<adm:description>
It may be an absolute path, or a path that is relative to the
<adm:product-name />
instance root.
</adm:description>
<adm:default-behavior>
<adm:defined>
</adm:defined>
</adm:default-behavior>
<adm:syntax>
<adm:string />
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
<ldap:name>ds-cfg-trust-store-file</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
<adm:property name="trust-store-type">
<adm:TODO>
Can we restrict this to an enumeration? How can the client guess
which values are possible? What is the default value?
</adm:TODO>
<adm:synopsis>
Specifies the format for the data in the key store file.
</adm:synopsis>
<adm:description>
Valid values should always include 'JKS' and 'PKCS12', but
different implementations may allow other values as well.
</adm:description>
<adm:requires-admin-action>
<adm:none>
<adm:synopsis>
Changes to this property take effect the next time that
the key manager is accessed.
</adm:synopsis>
</adm:none>
</adm:requires-admin-action>
<adm:default-behavior>
<adm:alias>
<adm:synopsis>The JVM default value is used.</adm:synopsis>
</adm:alias>
</adm:default-behavior>
<adm:syntax>
<adm:string />
</adm:syntax>
<adm:profile name="ldap">
<ldap:attribute>
<ldap:name>ds-cfg-trust-store-type</ldap:name>
</ldap:attribute>
</adm:profile>
</adm:property>
<adm:property-reference name="trust-store-pin" />
<adm:property-reference name="trust-store-pin-property" />
<adm:property-reference name="trust-store-pin-environment-variable" />
<adm:property-reference name="trust-store-pin-file" />
</adm:managed-object>