Writable SAF Keyring settings

Specifies the unique name to identify the writable SAF keyring. The name is the name of the keystore specified on the create command that corresponds to the keyring owned by the RACF ID of the control region process. Or it is the name of the keystore specified on the create command that corresponds to the keyring owned by the RACF ID of the servant region process. The name is <your_keystore_name> -CR for the control region user and<your_keystore_name> -SR for the servant region user.

Specifies the description of the writable SAF keyring (either the control region keyring or the servant region keyring).

Specifies the management scope associated with the writable SAF keyring. These keystores are created in the same scope as <your_keystore_name> and can be accessed from the administrative console from the <your_keystore_name> collection panel.

Specifies the location of the keyring file in the format needed by the keystore type. This file is a URL of the form, safkeyring:///your_keyring_name.

Specifies the password used to protect the keystore. For the default keyring (names ending in DefaultKeyStore or DefaultTrustStore) for which this keyring is associated, the password is WebAS. This default password must be changed.

Specifies the implementation for keyring management. This value defines the tool that operates on this keyring type. For a writable SAF keyring, the type is JCERACFKS. For writable SAF keyrings, the tool that operates on this SAF keyring is RACF.

Specifies whether the writable SAF keyring can be written to or not. If the keyring cannot be written to, certain operations cannot be performed, such as creating or importing certificates.

Specifies whether the writable keyring needs to be initialized before it can be used for cryptographic operations. If enabled, the keyring is initialized at server startup.

Specifies whether a hardware cryptographic device is used for cryptographic operations only. Operations that require a login are not supported when using this option.