Caching Parameters
| Parameter | Default | Description |
|---|---|---|
| Symmetric_Key_Cache_Enabled | no | Enables symmetric key caching. If enabled, the client will be able to use symmetric keys locally. Valid values: • no - Key caching is disabled. Remote encryption (encryption performed on the CipherTrust Manager) is available as normal. • yes - Key caching is enabled and the NAE XML protocol is used for exporting keys. Protocol must be set to ssl. (ssl must be configured.) • tcp_ok - Key caching is enabled over both tcp and ssl connections. The NAE XML protocol is used for exporting the keys. |
| Asymmetric_Key_Cache_Enabled | no | Enables asymmetric key caching. If enabled, the client will be able to use symmetric keys locally. Valid values: • no - Key caching is disabled. Remote encryption (encryption performed on the CipherTrust Manager) is available as normal. • yes - Key caching is enabled and the NAE XML protocol is used for exporting keys. Protocol must be set to ssl. (ssl must be configured.) • tcp_ok - Key caching is enabled over both tcp and ssl connections. The NAE XML protocol is used for exporting the keys. |
| Key_Cache_Expiry | 43200 secs (12 hours) | Time period after which a cached symmetric/asymmetric key can be removed from the cache. |
| Persistent_Cache_Enabled | no | Enables or disables the persistent key caching feature. To enable this feature, you must also enable either symmetric or asymmetric key caching or both. Valid values: • yes - Enables this feature. • no - Disables the feature. |
| Persistent_Cache_Directory | no | The directory in which the persistent cache is located. The actual cache file name uses the base name keycache, plus a suffix based on the NAE user name. The value can be absolute or relative to the application. Do not use quotes when specifying the path, even if it contains spaces.For example, the cache for "user1" is "keycache_user1". The directory must already exist. |
| Persistent_Cache_Expiry_Keys | 43200 seconds (12 hours) | The time after which key is fetched from the CipherTrust Manager. This value must be greater than zero. Note: If the key manager is not reachable, keys will not be deleted and insertion time of the key will be updated. If any other error comes from the CipherTrust Manager, the key will be deleted. This value must be greater than the value of Key_Cache_Expiry. |
| Persistent_Cache_Max_Size | 100 | The maximum number of keys that can be stored in the persistent cache. The value must be greater than zero. |
