Network Configuration Parameters
| Parameters | Default | Description |
|---|---|---|
| Cluster_Synchronization_Delay | 100s | The Cluster_Synchronization_Delay parameter specifies how long the client will wait before assuming that key changes have been synchronized throughout a cluster. After creating, cloning, importing, or modifying a key, the client will continue to use the same Key Manager until the end of this delay period.Possible settings: —0 – Disables the function. Any positive integer. For example, the client sets Cluster_Synchronization_Delay to 100s and sends a key creation request to appliance A, which is part of a cluster. Appliance A creates the key and automatically synchronizes with rest of the cluster. The client will use only appliance A for 100 seconds - enough time for the cluster synchronization to complete. After this time period, the client will use other cluster members as before. |
| Symmetric_Key_Cache_Enabled | no | The Symmetric_Key_Cache_Enabled parameter determines if the symmetric key caching feature is enabled. Only symmetric keys can be cached.Possible settings: —no – Key caching is disabled. Remote encryption is available as normal. —yes – Key caching is enabled. Protocol must be set to ssl. (And ssl must be configured.) —tcp_ok – Key caching is enabled over both tcp and ssl connections. |
| Symmetric_Key_Cache_Expiry | 43200 seconds (12 hours) | The Symmetric_Key_Cache_Expiry parameter determines the minimum amount of time that a key will remain in the client key cache.Possible settings: —0 – This is the infinite timeout setting. Keys are never purged from the client cache. —Any positive integer – At the end of this interval, the key will be purged from the cache the next time the library is called. |
| Local_Cipher_Cache_Expiry | 43200000 ms (12 hours) | The Local_Cipher_Cache_Expiry parameter determines the minimum amount of time after which the cipher initialized with the key expires and is reinitialized with the cached key.Possible settings: —-1 – This is the infinite timeout setting. Cipher is never purged from the client cache. —0 – The cipher will expire after every operation. —A positive integer – At the end of this interval, the cipher will be purged from the cache the next time the library is called. Note: The Local_Cipher_Cache_Expiry time should be less than or equal to the Symmetric_Key_Cache_Expiry time and Symmetric_Key_Cache_Enabled parameter should be set as yes or tcp_ok. |
| Local_Crypto_Provider | The Local_Crypto_Provider parameter specifies the name of the JCE provider that will perform local cryptography if symmetric key caching is enabled. The default value is SunJCE or IBMJCE, depending on JVM.Possible setting: — A JCE Provider currently enabled on the client. |
