Installation and Upgrade Guides › Policy Server Installation Guide › Configuring LDAP Directory Servers to Store CA SiteMinder® Data › Configure a Separate Key Store
Configure a Separate Key Store
If you have a collocated policy/key store, you can configure the Policy Server to use a separate key store.
The type of directory server that is to function as a separate key store determines how you configure the store:
- If you can use the CA SiteMinder® smldapsetup utility to configure a policy store, you can configure a separate key store using key store–specific schema. The following directory servers can be configured this way:
- Microsoft Active Directory
- Microsoft AD LDS
- Oracle Directory Server Enterprise Edition
- Oracle Internet Directory Server
- Red Hat Directory Server
- If you cannot use the CA SiteMinder® smldapsetup utility to configure a policy store, then you must:
- Configure a separate directory server instance with the policy store schema only. The policy store schema includes the key store schema. You do not have to:
- Set the CA SiteMinder® superuser password.
- Import the default policy store objects.
- Import the policy store data definitions.
A separate key store does not require these objects.
- Configure the Policy Server to use this policy store instance as a key store only.
Note: For more information, see the Policy Server Administration Guide.
Copyright © 2015 CA Technologies.
All rights reserved.
|
|