

Key Database Overview

The SiteMinder key database, named smkeydatabase, is a key and certificate database that SiteMinder uses for signing, verification, encryption, and decryption functions. For example, you can store keys and certificates to sign and verify OCSP requests and responses, or to sign and validate messages with WS-Security tokens.

The database is made up of multiple files. You can manage and retrieve keys and certificates in this database using the SiteMinder tool named smkeytool.

You can store multiple private keys in the smkeydatabase.

The smkeydatabase is installed with a SiteMinder Policy Server. The Policy Server uses certified Federal Information Processing Standard (FIPS) 140-2 compliant cryptographic libraries, which enable a SiteMinder environment to use FIPS-compliant algorithms to encrypt sensitive data. As a result, all data in the smkeydatabase is encrypted using these FIPS-compliant algorithms.

Note: If you upgrade from a previous version of the Policy Server to r12.0 SP3, see the SiteMinder Upgrade Guide for instructions on migrating the smkeydatabase so that data is properly encrypted.