Venafi Trust Protection Platforms offers a provisioning driver for Java Keystore (JKS). This article covers the common use cases and application object settings.
Java Keystore (JKS) is a library that can be integrated with the JKS-integrated server platforms such as:
The supported provisioning methods are:
- Agentless (Uses SSH and SFTP)
- Agent based
The provisioning driver does not require keytool on target system in most cases. If we are generating the private key and CSR on the target application keytool is required.
JKS Application object settings:
Full path name of the Java keytool utility. If left empty Venafi will generate JKS keystore.
Version of the Java Keytool utility you are using to manage keystores.
Trust Protection Platform supports the following versions of the Java Keytool utility:
- Java 1.4
- Java 1.5
- Java 1.6
- Java 1.7
The store type determines the key file format. You must select the keystore type supported by the platforms and applications that consume the keystore’s certificates.
Type of store managed via the current JKS Application object.
The store type determines the key file format. You must select the keystore type supported by the platforms and applications that consume the keystore’s certificates. Available types:
Key Store Path:
A full path includes the path and the filename. For example:/opt/pki/keystore.jks
Key Store Credential:
Password used to access the keystore.
Private Key Credential:
The credential required to access the private key file for certificate renewal.
Creates a new keystore file, if one does not already exist.
Deletes the existing keystore and creates a new one.
Reuses the alias that is assigned to the key/certificate in the keystore when the certificate is renewed. This option keeps the existing certificate available during the renewal process and simplifies management of the applications that use the key/certificate referenced by the alias.
Algorithm used to generate the key for the current certificate. (RSA)