My Oracle Support Banner

OUD 11g/12c - What's the Recommended Way to Protect the Clear-Text Pin for the Keystore / Truststore ? (Doc ID 2655861.1)

Last updated on APRIL 16, 2020

Applies to:

Oracle Unified Directory - Version 12.2.1.3.191219.0108 and later
Information in this document applies to any platform.

Goal

According to -
File Based Key Manager Provider -

the pin for the keystore/truststore is in clear text when configured in these pin configurations -

key-store-pin - Specifies the clear-text PIN needed to access the File Based Key Manager Provider
key-store-pin-environment-variable - Specifies the name of the environment variable that contains the clear-text PIN needed to access the File Based Key Manager Provider
key-store-pin-file - Specifies the path to the text file whose only contents should be a single line containing the clear-text PIN needed to access the File Based Key Manager Provider
key-store-pin-property - Specifies the name of the Java property that contains the clear-text PIN needed to access the File Based Key Manager Provider

What's the recommended way to protect the clear-text pin for the keystore and truststore?

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.