Blind Trust Manager Provider

The blind trust manager provider always trusts any certificate that is presented to it, regardless of its issuer, subject, and validity dates.

Use the blind trust manager provider only for testing purposes, because it allows clients to use forged certificates and authenticate as virtually any user in the server.

Parent Component Properties dsconfig Usage

Parent Component

The Blind Trust Manager Provider component inherits from the Trust Manager Provider

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
 enabled  None
 include-jvm-default-issuers

Basic Properties

enabled

Description
Indicate whether the Trust Manager Provider is enabled for use.
Default Value
None
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

include-jvm-default-issuers

Description
Indicates whether certificates issued by an authority included in the JVM's set of default issuers should be automatically trusted, even if they would not otherwise be trusted by this provider.
Default Value
false
Allowed Values
true
false
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


dsconfig Usage

To list the configured Trust Manager Providers:

dsconfig list-trust-manager-providers
     [--property {propertyName}] ...

To view the configuration for an existing Trust Manager Provider:

dsconfig get-trust-manager-provider-prop
     --provider-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Trust Manager Provider:

dsconfig set-trust-manager-provider-prop
     --provider-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new Blind Trust Manager Provider:

dsconfig create-trust-manager-provider
     --provider-name {name}
     --type blind
     --set enabled:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Trust Manager Provider:

dsconfig delete-trust-manager-provider
     --provider-name {name}