Configure a Separate Key Store

If you have a collocated policy/key store, you can configure the Policy Server to use a separate key store.
sm1252sp1
If you have a collocated policy/key store, you can configure the Policy Server to use a separate key store.
The type of directory server that is to function as a separate key store determines how you configure the store:
  • If you can use the smldapsetup utility to configure a policy store, you can configure a separate key store using key store-specific schema. You can configure the following directory servers with this method:
    • Microsoft Active Directory
    • Microsoft AD LDS
    • Oracle Directory Server Enterprise Edition
    • Oracle Internet Directory Server
    • Red Hat Directory Server
  • If you cannot use the smldapsetup utility to configure a policy store, then you must:
       1. Configure a separate directory server instance with the policy store schema only. The policy store schema includes the key store schema. You do not have to:
      • Set the super user password.
      • Import the default policy store objects.
      • Import the policy store data definitions.
        A separate key store does not require these objects.
      2. Configure the Policy Server to use this policy store instance as a key store only.