Existing r6.x Policy Servers can use an r6.x key store for key rollover, while r12.0 SP2 Policy Servers can use an r12.0 SP2 key store for key rollover. The following figure illustrates:
Important! If all key stores do not use the same Agent and Session keys, single signon fails.
Note: Although not illustrated, policy store and key store data can be replicated for failover. The database or directory server type determines how you replicate data. For more information about key management in a master/slave environment, see the Policy Server Administration Guide. For more information about replicating data, see your vendorspecific documentation.
Copyright © 2010 CA. All rights reserved. | Email CA about this topic |