KeyStore Type - pkcs12_storage (tC)

This configuration stores the ArchiveLink or CMIS certificates in the configured storage itself.

It also allows to store sensible configuration settings like passwords encrypted inside the keystore. These configuration values are referenced in the repository.cfg by their key-alias.

The location of the keystore can be configured by the parameters pkcs12_storage.path andpkcs12_storage.name.

pkcs12_storage.name defaults to common-ks.pkcs12.

If pkcs12_storage.path is not configured at first startup, the named keystore is searched in the installation context, and placed in the ConfigData directory. Further instructions for the configuration of the ConfigDataService can be found here: CDS filesystem (tC).

This mechanism, however, requires that the ConfigDataService type filesystem is set up.

As new certificates have to be imported when existing certificates expire and have to be replaced or when a new system is connected, the keystore must not be readonly.

Configuration parameters in the `repository.cfg`

# (none|storage|pkcs12|pkcs12_storage) - default: none
<repoName>.keystoreservice.type = pkcs12_storage 

<repoName>.keystoreservice.pkcs12_storage.name = repo1-ks.p12
<repoName>.keystoreservice.pkcs12_storage.path = c://cmis//tia_keystore

The KeyStore type storage required the Content Service of this repository to be configured: That means its type is unequal to noop.

KeyStore Type - pkcs12_storage (tC)

Configuration parameters in the repository.cfg

Configuration parameters in the `repository.cfg`