File Based Passphrase Provider

File Based Passphrase Provider provide a mechanism for reading a passphrase from a specified file. The contents of the file may optionally be encrypted with a key from the server's encryption settings database.

Parent Component Properties dsconfig Usage

Parent Component

The File Based Passphrase Provider component inherits from the Passphrase Provider

Properties

The properties supported by this managed object are as follows:


Basic Properties: Advanced Properties:
 description  None
 enabled
 password-file
 max-cache-duration

Basic Properties

description

Description
A description for this Passphrase Provider
Default Value
None
Allowed Values
A string
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action

enabled

Description
Indicates whether this Passphrase Provider is enabled for use in the server.
Default Value
None
Allowed Values
true
false
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

password-file

Description
The path to the file containing the passphrase.
Default Value
None
Allowed Values
A filesystem path
Multi-Valued
No
Required
Yes
Admin Action Required
None. Modification requires no further action

max-cache-duration

Description
The maximum length of time that the passphrase provider may cache the passphrase that has been read from the target file. A value of zero seconds indicates that the provider should always attempt to read the passphrase from the file.
Default Value
60s
Allowed Values
A duration. Lower limit is 0 milliseconds.
Multi-Valued
No
Required
No
Admin Action Required
None. Modification requires no further action


dsconfig Usage

To list the configured Passphrase Providers:

dsconfig list-passphrase-providers
     [--property {propertyName}] ...

To view the configuration for an existing Passphrase Provider:

dsconfig get-passphrase-provider-prop
     --provider-name {name}
     [--tab-delimited]
     [--script-friendly]
     [--property {propertyName}] ...

To update the configuration for an existing Passphrase Provider:

dsconfig set-passphrase-provider-prop
     --provider-name {name}
     (--set|--add|--remove) {propertyName}:{propertyValue}
     [(--set|--add|--remove) {propertyName}:{propertyValue}] ...

To create a new File Based Passphrase Provider:

dsconfig create-passphrase-provider
     --provider-name {name}
     --type file-based
     --set enabled:{propertyValue}
     --set password-file:{propertyValue}
     [--set {propertyName}:{propertyValue}] ...

To delete an existing Passphrase Provider:

dsconfig delete-passphrase-provider
     --provider-name {name}