Sitescope Keystores

  1. Key management        – used to hold persistency encryption key.
  2. SiteScope Trust Store – used for SSL communication (CACERTS), certification autorities we trust to tell us the real identity of outgoing connections (SSL).
  3. Server Key Store         – Used by SiS server to be identified by SiS clients as trust SiS server.
  1. Monitors flow (outgoing SSL connections):
    SITESCOPE_HOME_DIR/java/lib/security/cacerts – SiteScope trust store (converted to PKSC12 format when using monitors for outgoing SSL connections)
  2. SiteScope server configured to SSL (ingoing SSL connections):
    SITESCOPE_HOME_DIR/groups/serverKeystore (in FIPS mode created in PKSC12 format)
  3. SiteScope server configured to SSL + client authentication\CAC (ingoing SSL connections):
    SITESCOPE_HOME_DIR/templates.certificates/serverTrustStore (JKS format)
  4. SiteScope API configuration (SiteScope server configured to SSL + client authentication):
    SITESCOPE_HOME_DIR/groups/serverKeystore (in FIPS mode created in PKSC12 format)
    SITESCOPE_HOME_DIR/templates.certificates/serverTrustStore (JKS format)
    SITESCOPE_HOME_DIR/java/lib/security/cacerts (JKS format)
    Client KeyStore and TrustStore for SiteScope API usage:
    SCRIPT_HOME/API_Configuration/clientTrustStore (JKS format)
    SCRIPT_HOME/API_Configuration/clientKeyStore (JKS format)
  5. SiteScope client certificate authentication for BSM integration:
    SITESCOPE_HOME_DIR/templates.certificates/BSMClientKeystore (JKS format)
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s