Note: this component stores cluster-wide configuration data and is mirrored across all servers in the topology within the the same cluster.
Note: changes to cluster-wide configuration objects are immediately and automatically mirrored across all servers within the same cluster, so offline changes are not supported.
A Filesystem Deployment Package Store represents a directory on the local filesystem from which deployment packages may be imported.
↓Parent Component
↓Properties
↓dsconfig Usage
The Filesystem Deployment Package Store component inherits from the Deployment Package Store
The properties supported by this managed object are as follows:
General Configuration Basic Properties: | Advanced Properties: |
---|---|
↓ poll-interval | None |
↓ poll-directory | |
Policy Security Basic Properties: | Advanced Properties: |
None | ↓ deployment-package-security-level |
↓ deployment-package-trust-store | |
↓ deployment-package-verification-key-nickname |
Property Group | General Configuration |
Description | Specifies how often the PingAuthorize Server server scans the Deployment Package Store for new deployment packages. If the value of poll-interval is 0, then the server will not scan for new packages after the store is initialized. |
Default Value | 0 s |
Allowed Values | A duration. Lower limit is 0 seconds. |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
Property Group | General Configuration |
Description | The directory to search for new deployment packages. |
Default Value | None |
Allowed Values | A filesystem path |
Multi-Valued | No |
Required | Yes |
Admin Action Required | None. Modification requires no further action |
deployment-package-security-level (Advanced Property)
Property Group | Policy Security |
Description | Specifies how the PingAuthorize Server server verifies the integrity of a deployment package loaded from this Deployment Package Store. All deployment packages include a message digest that the PingAuthorize Server server uses to verify that the contents of a deployment package have not been altered. A deployment package may also be cryptographically signed. By default, this property is set to "unsigned", meaning that the PingAuthorize Server server will accept any deployment package with a valid digest but will not verify the deployment package's signature, if one is present. Configure this property to "signed" to additionally require that a deployment package was created by a trusted Policy Editor. If this property is set to "signed", then the following properties must also be configured:
|
Default Value | unsigned |
Allowed Values | unsigned - The deployment package signature will not be verified. signed - The deployment package must be signed and trusted. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
deployment-package-trust-store (Advanced Property)
Property Group | Policy Security |
Description | Specifies the trust manager provider containing the public signing key certificate used to verify a deployment package. This is only used if the value of the deployment-package-security-level property is "signed". The trust manager provider specified by this property must refer to a trust store containing the public signing key certificate used by the Policy Editor that created the deployment package. |
Default Value | None |
Allowed Values | The DN of any File Based Trust Manager Provider. Any trust manager provider assigned to the Deployment Package Store must be enabled. |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
deployment-package-verification-key-nickname (Advanced Property)
Property Group | Policy Security |
Description | Specifies the nickname (also called the alias) of the public signing key certificate used to verify a deployment package. This is only used if the value of the deployment-package-security-level property is "signed". The value of this property must refer to the public signing key certificate included in the trust store designated by the deployment-package-trust-store property. |
Default Value | None |
Allowed Values | A string |
Multi-Valued | No |
Required | No |
Admin Action Required | None. Modification requires no further action |
To list the configured Deployment Package Stores:
dsconfig list-deployment-package-stores [--property {propertyName}] ...
To view the configuration for an existing Deployment Package Store:
dsconfig get-deployment-package-store-prop --store-name {name} [--tab-delimited] [--script-friendly] [--property {propertyName}] ...
To update the configuration for an existing Deployment Package Store:
dsconfig set-deployment-package-store-prop --store-name {name} (--set|--add|--remove) {propertyName}:{propertyValue} [(--set|--add|--remove) {propertyName}:{propertyValue}] ...
To create a new Filesystem Deployment Package Store:
dsconfig create-deployment-package-store --store-name {name} --type filesystem --set poll-directory:{propertyValue} [--set {propertyName}:{propertyValue}] ...
To delete an existing Deployment Package Store:
dsconfig delete-deployment-package-store --store-name {name}