
SmKeyDatabase Overview

The smkeydatabase is a key and certificate database used for signing, verification, encryption, and decryption between a SiteMinder consuming authority and a SiteMinder producing authority. The database is made up of multiple files. You can manage and retrieve keys and certificates in this database using the SiteMinder tool called smkeytool.

You can store multiple private keys in the smkeydatabase. If you have multiple federated partners, you can use a different private key for each partner.

The smkeydatabase is installed with a SiteMinder Policy Server. The Policy Server uses cryptographic libraries certified as compliant with Federal Information Processing Standard (FIPS) 140-2, so a SiteMinder environment can use FIPS-compliant algorithms to encrypt sensitive data. As a result, all data in the smkeydatabase is encrypted using these FIPS-compliant algorithms.

Note: If you upgrade from a previous version of the Policy Server to r12.0 SP2, see the SiteMinder Upgrade Guide for instructions on migrating the smkeydatabase so that data is properly encrypted.

The following illustration shows the location of the key store in a SiteMinder federated network.

[Figure: Smkeydatabase in a federated network]

Note: The SPS federation gateway can replace the Web Agent and Web Agent Option Pack to provide the SiteMinder Federation Web Services application functions. For information about installing and configuring the SPS federation gateway, see the CA SiteMinder Secure Proxy Server Administration Guide.


Copyright © 2010 CA. All rights reserved.