WebSphere Application Server Version 6.1 Feature Pack for Web Services
             Operating Systems: AIX, HP-UX, i5/OS, Linux, Solaris, Windows, z/OS

             Personalize the table of contents and search results

KeySetCommands command group for the AdminTask object

You can use the Jython or Jacl scripting languages to configure security with the wsadmin tool. The commands and parameters in the KeySetCommands group can be used to create, delete, and query for key set settings in your configuration.

The KeySetCommands command group for the AdminTask object includes the following commands:

createSSLConfig

The createSSLConfig command creates an SSL configuration that is based on key store and trust store settings. You can use the SSL configuration settings to make the SSL connections.

Target object

None.

Required parameters and return values

-alias
The name of the alias. (String, required)
-scopeName
The name of the scope. (String, optional)
-clientKeyAlias
The certificate alias name for the client. (String, optional)
-serverKeyAlias
The certificate alias name for the server. (String, optional)
-type
The type of SSL configuration. (String, optional)
-clientAuthentication
Set the value of this parameter to true to request client authentication. Otherwise, set the value of this parameter to false. (Boolean, optional)
-securityLevel
The cipher group that you want to use. Valid values include: HIGH, MEDIUM, LOW, and CUSTOM. (String, optional)
-enabledCiphers
A list of ciphers used during SSL handshake. (String, optional)
-jsseProvider
One of the JSSE providers. (String, optional)
-clientAuthenticationSupported
Set the value of this parameter to true to support client authentication. Otherwise, set the value of this parameter to false. (Boolean, optional)
-sslProtocol
The protocol type for the SSL handshake. Valid values include: SSL_TLS, SSL, SSLv2, SSLv3, TLS, TLSv1. (String, optional)
-trustManagerObjectName
A list of trust managers separated by commas. (String, optional)
-trustStoreNames
The key store that holds trust information used to validate the trust from remote connections. (String, required)
-trustStoreScopeName
The management scope name of the trust store. (String, optional)
-keyStoreName
The key store that holds the personal certificates that provide identity for the connection. (String, required)
-keyStoreScopeName
The management scope name of the key store. (String, optional)
-ssslKeyRingName
Specifies a system SSL (SSSL) key ring name. The value for this parameter has no affect unless the SSL configuration type is SSSL. (String, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

createKeySet

The createKeySet command creates the key set settings in the configuration. Use this command to control key instances that have the same type.

Target object

None.

Required parameters and return values

-name
The name that uniquely identifies the key set. (String, required)
-scopeName
The name of the scope. (String, optional)
-aliasPrefix
The prefix for the key alias when a new key generates. (String, required)
-password
The password that protects the key in the key store. (String, required)
-maxKeyReferences
The maximum number of key references returned keys from this key set. (Integer, required)
-deleteOldKeys
Set the value of this parameter to true to delete old keys when new keys are generated. Otherwise, set the value of this parameter to false. (Boolean, optional)
-keyGenerationClass
The class that is used to generate new keys in the key set. (String, optional)
-keyStoreName
The key store that contains the keys. (String, required)
-keyStoreScopeName
The management scope where the key store is located. (String, optional)
-isKeyPair
Set the value of this parameter to true if the keys in the key set are key pairs. Otherwise, set the value of this parameter to false. (Boolean, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

deleteKeySet

The deleteKeySet command deletes the settings of a key set from the configuration.

Target object

None.

Required parameters and return values

-name
The name that uniquely identifies the key set. (String, required)
-scopeName
The name of the scope. (String, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

generateKeyForKeySet

The generateKeyForKeySet command generates keys for the keys in the key set.

Target object

None.

Required parameters and return values

-keySetName
The name of the key set. (String, required)
-keySetScope
The scope of the key set. (String, optional)
-keySetSaveConfig
Set the value of this parameter to true to save the configuration of the key set. Otherwise, set the value of this parameter to false. (Boolean, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

getKeySet

The getKeySet command displays the settings of a particular key set.

Target object

None.

Required parameters and return values

-name
The name that uniquely identifies the key set. (String, required)
-scopeName
The name of the scope. (String, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

listKeySets

The listKeySets command lists the key sets in a particular scope.

Target object

None.

Required parameters and return values

-scopeName
The name of the scope. (String, optional)
-displayObjectNames
Set the value of this parameter to true to list the key set configuration objects within the scope. Set the value of this parameter to false if you want to list the strings that contain the key set group name and management scope. (Boolean, optional)

Examples

Batch mode example usage:

Interactive mode example usage:

modifyKeySet

The modifyKeySet command changes the settings of an existing key set.

Target object

None.

Required parameters and return values

-name
The name that uniquely identifies the key set. (String, required)
-scopeName
The name of the scope. (String, optional)
-aliasPrefix
The prefix for the key alias when a new key generates. (String, optional)
-password
The password that protects the key in the key store. (String, optional)
-maxKeyReferences
The maximum number of key references returned keys from this key set. (Integer, optional)
-deleteOldKeys
Set the value of this parameter to true to delete old keys when new keys are generated. Otherwise, set the value of this parameter to false. (Boolean, optional)
-keyGenerationClass
The class that is used to generate new keys in the key set. (String, optional)
-keyStoreName
The key store that contains the keys. (String, optional)
-keyStoreScopeName
The management scope where the key store is located. (String, optional)
-isKeyPair
Set the value of this parameter to true if the keys in the key set are key pairs. Otherwise, set the value of this parameter to false. (Boolean, optional)

Examples

Batch mode example usage:

Interactive mode example usage:




Related tasks
Using the AdminTask object for scripted administration
Related reference
Commands for the AdminTask object
Reference topic    

Terms of Use | Feedback

Last updated: Nov 25, 2008 2:35:59 AM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.wsfep.multiplatform.doc/info/ae/ae/rxml_atwskeyset.html