Local Encryption Parameters
| Parameters | Default | Description |
|---|---|---|
| Symmetric_Key_Cache_Enabled | Determines if the symmetric key caching feature is enabled. Symmetric keys can be cached. Possible values are: — no: Key caching for symmetric keys is disabled. Crypto operations for symmetric key are performed on the Key Manager). — yes: Key caching for symmetric keys is enabled. Protocol must be set to ssl and ssl must be configured. — tcp_ok: Key caching for symmetric keys is enabled over both tcp and ssl connections. | |
| Asymmetric_Key_Cache_Enabled | Determines if the asymmetric key caching feature is enabled. Asymmetric keys can be cached. Possible settings are: — no: Key caching for asymmetric keys is disabled. Crypto operations for asymmetric key are performed on the Key Manager). — yes - Key caching for asymmetric keys is enabled. Protocol must be set to ssl and ssl must be configured. — tcp_ok - Key caching for asymmetric keys is enabled over both tcp and ssl connections. Keys are stored in the key cache. Cache are created per client, per session. | |
| Symmetric_Key_Cache_Expiry | 43200 seconds (12 hours) | The minimum amount of time that a key will remain in the client key cache. The cache holds both symmetric and asymmetric keys. The name of this property retains the word symmetric for backwards compatibility. Possible setting are: — 0 - This is the infinite timeout setting. Keys are never purged from the client cache. — A positive integer - At the end of this interval, the key will be purged from the cache the next time the library is called. |
| Symmetric_Key_Cache_AutoRefresh_Interval | 0 (disabled) | It is the time after which the cached key becomes eligible for refresh. The actual refresh operation occurs only when a cached key is queried from the cache before the key expires. It can be specified in any time unit; the default is seconds. If the eligible key is not queried from the symmetric cache, it is removed from the cache after its expiry. This parameter is applicable only if the symmetric key cache is enabled. . Possible values are: — 0: Auto refresh feature is disabled. — Any positive integer: The time after which the cached key is eligible for refresh. |
| Local_Cipher_Cache_Expiry | 0 | The time after which the local cipher initialized with cached keys expires and then reinitialized with cached keys. This parameter is applicable only if the symmetric key cache is enabled. The default unit is milliseconds. Possible values are: — -1 0 —A positive integer* The following table shows the possible configurations of Symmetric_Key_Cache_AutoRefresh_Interval, Symmetric_Key_Cache_Expiry, Local_Cipher_Cache_Expiry and their impact on the local cipher expiry time.  |
| Local_Crypto_Provider | The name of the provider that will perform local cryptography if symmetric key caching is enabled. | |
| Persistent_Cache_Enabled | disabled | Enables and disables the persistent key caching feature. To enable this feature, you must also enable either symmetric or asymmetric key caching or both. By default, this parameter is disabled. Possible values are: — yes - The feature is enabled. — no - The feature is disabled. Persistent key caching feature is not supported for tokenization operations. |
| Persistent_Cache_Expiry_Keys | 43200 seconds (12 hours). | The time after which a key will expire from the persistent cache. This value must be greater than zero.Persistent_Cache_Directory |
| Persistent_Cache_Max_Size | 100 keys | The maximum number of keys that can be stored in the persistent cache. Possible values are: — Any positive integer: The maximum number of keys to be stored in persistent cache. — -1: Allows infinite number of keys to be stored in persistent cache. |
