Modify the Shared Secret Rollover Policy
A shared secret is a text string known only to a trusted host and the policy store domain where the host is registered. The shared secret is used to authenticate the identity of the trusted host when it makes a secure connection to the Policy Server.
The shared secret rollover feature provides a mechanism to periodically change the shared secret automatically.
Using the Scripting Interface for Perl, you can:
- Call GetSharedSecretPolicy() to retrieve an existing shared secret rollover policy object.
- Modify the retrieved PolicyMgtSharedSecretPolicy object as follows:
  - Modify the rollover frequency. This setting specifies how often rollover should occur over a given rollover period (see the next item).
  - Modify the rollover period (hourly, daily, weekly, monthly). For example, with a rollover frequency of 3 and a daily rollover period, the shared secret is automatically changed every three days.
  - Enable or disable the rollover feature. If the shared secret rollover policy is enabled, rollover must also be enabled for any trusted host whose shared secret needs to be synchronized with the rollover policy's shared secret. You can enable rollover for a trusted host object by calling RolloverEnabled().