ejbca_3_5_3(1).zip xkms.properties.sample

www.pudn.com > ejbca_3_5_3(1).zip > xkms.properties.sample
#
# $Id: xkms.properties.sample,v 1.3 2007/01/05 05:35:50 herrvendil Exp $
#
# This is a sample file to override properties used
# during deployment of EJBCA
# 
# You should copy and rename this file to xkms.properties
# and customize at will.
#


#------------------- XKMS settings -------------

# Disable this (set to false) if you do not want to deploy the XKMS Service in EJBCA
# Default: true
#xkms.enabled=true

# Should signed XKMS request be required 
#
# Default: false
#xkms.request.requiresignature=false
 
# List of CA names that are accepted for XKMS signed requests
# Use ';' as a separate for multiple.
# Default: AdminCA1
#xkms.request.acceptedcas=AdminCA1
 
# Accept signed responses on request.
#
# Default: true
#xkms.response.acceptsignrequest=true

# Always sign responses
#
# Default: false
#xkms.response.alwayssign=false

# Specify which CA that should be used with the signed responses.
# Only one can be specified. Important, make sure the XKMS CA Service
# is activated in the edit ca page.
# Default: AdminCA1
#xkms.response.causedforsigning=AdminCA1 
 
# Setting specifying the keyusage in a X509 certificate that is mapped
# to XKMS KeyUsage Signature, Default is non-repudiation but if set to 
# false will XKMS KeyUsage Signature be mapped against digital 
# signature X509 key usage.
#
# Default: true
#xkms.keyusage.signatureisnonrep=true

# XKMS Service port
# This is a development setting that is set in the WSDL to
# instruct the client use a non default port. This is only needed
# if a WS tap listener is used to review the messages.
#xkms.serviceport=8080

# Setting indicating if a Proof Of Possesion element 
# is required for KRSS calls. 
#
# Default : true
#xkms.krss.poprequired=true

# Setting indicating the size of server generated keys
# used in the register method.
#
# Default : 1024
#xkms.krss.servergenkeylength=1024

# Defines if the end entity should be able to revoke his certificate
# using the revoke call and a revokaton code identifier
#
# Default : true
#xkms.krss.allowrevokation=true

# Defines if it should be possible to automatically issue a new certificate
# if the current one is valid and have a POP that verifies. In this case
# it isn't neccessary to set status to new and password authentication is
# ignored.
#
# Default : false
#xkms.krss.allowautomaticreissue=false