Uploaded image for project: 'OpenDJ'
  1. OpenDJ
  2. OPENDJ-7205

Simplify master key replacement

    Details

    • Type: Improvement
    • Status: Dev backlog
    • Priority: Major
    • Resolution: Unresolved
    • Affects Version/s: 7.0.0
    • Fix Version/s: None
    • Component/s: security, tools
    • Labels:
      None

      Description

      From a PR discussion, https://stash.forgerock.org/projects/OPENDJ/repos/opendj-docs/pull-requests/1407/overview?commentId=970835 :

      It would be nice if dskeymgr simplified replacing the shared master key with a subcommand that renames the existing master key and adds a new master key with the existing alias.

      Hopefully this is not something people will need to do often, since people shouldn't lose their deployment keys and the default deployment key CA validity is 10 years.

        Attachments

          Activity

            People

            • Assignee:
              Unassigned
              Reporter:
              matthew Matthew Swift
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated: