Configure a Separate Key Store

If you have a collocated policy and key store, you can configure the Policy Server to use a separate key store.
The type of directory server that functions as a separate key store determines how you configure the store:
If you can use the smldapsetup utility to configure a policy store, you can configure a separate key store using key store-specific schema. You can configure the following directory servers with this method:
  • Microsoft Active Directory
  • Microsoft AD LDS
  • Oracle Directory Server Enterprise Edition
  • Oracle Internet Directory Server
  • Red Hat Directory Server
If you cannot use the smldapsetup utility to configure a policy store, you must:
  1. Configure a separate directory server instance with the policy store schema only. The policy store schema includes the key store schema. You do not have to complete the following tasks because a separate key store does not require these objects:
    • Set the super user password.
    • Import the default policy store objects.
    • Import the policy store data definitions.
  2. Configure the Policy Server to use this policy store instance as a key store only.