Your suggested change has been received. Thank you.

close

Suggest A Change

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

Thales Logo

All

  • All
back

Configuration

Caching Parameters

search

Please Note:

Caching Parameters

ParameterDefaultDescription
Symmetric_Key_Cache_EnablednoEnables symmetric key caching. If enabled, the client will be able to use symmetric keys locally.
Valid values:
no - Key caching is disabled. Remote encryption (encryption performed on the CipherTrust Manager) is available as normal.
yes - Key caching is enabled and the NAE XML protocol is used for exporting keys. Protocol must be set to ssl. (ssl must be configured.)
tcp_ok - Key caching is enabled over both tcp and ssl connections. The NAE XML protocol is used for exporting the keys.
Asymmetric_Key_Cache_EnablednoEnables asymmetric key caching. If enabled, the client will be able to use symmetric keys locally.
Valid values:
no - Key caching is disabled. Remote encryption (encryption performed on the CipherTrust Manager) is available as normal.
yes - Key caching is enabled and the NAE XML protocol is used for exporting keys. Protocol must be set to ssl. (ssl must be configured.)
tcp_ok - Key caching is enabled over both tcp and ssl connections. The NAE XML protocol is used for exporting the keys.
Key_Cache_Expiry43200 secs
(12 hours)		Time period after which a cached symmetric/asymmetric key can be removed from the cache.
Persistent_Cache_EnablednoEnables or disables the persistent key caching feature. To enable this feature, you must also enable either symmetric or asymmetric key caching or both.
Valid values:
yes - Enables this feature.
no - Disables the feature.
Persistent_Cache_DirectorynoThe directory in which the persistent cache is located. The actual cache file name uses the base name keycache, plus a suffix based on the NAE user name.
For example, the cache for "user1" is "keycache_user1".
The directory must already exist.
Persistent_Cache_Expiry_Keys43200 seconds
(12 hours)		The time after which key is fetched from the CipherTrust Manager. This value must be greater than zero.
Note: If the key manager is not reachable, keys will not be deleted and insertion time of the key will be updated.
If any other error comes from the CipherTrust Manager, the key will be deleted. This value must be greater than the value of Key_Cache_Expiry.
Persistent_Cache_Max_Size100The maximum number of keys that can be stored in the persistent cache. The value must be greater than zero.

On this page