6.8 Key Manager

The Key Manager enables you to configure the key exchange required by the protocols for several different agents.

To open the Key Manager, click the Tools button in the upper left part of the Desktop window, and then select Key Manager from the menu.


Key Manager

| Item | Description |
|---|---|
| Select Pico | Select the pico instance for which you want to configure the key exchange. All running pico instances are available for selection in this list. |
| Select Keystore Type | Select the keystore type in this list. Supported types are JKS, JCEKS, and PKCS12. |
| Select Keystore | Select the keystore you want to use. All keystores for the selected pico instance are available for selection; see the Adding Keystores to Pico Instances section below for further information. Upon selection you will be prompted for the keystore's password. |
| Aliases | This section shows the available aliases and their respective types within the selected keystore. The type can be either key or certificate. |
| Remove | Click this button to remove selected aliases from the list. |
| Import Certificate | Click this button to import an existing certificate. You will be prompted to select the certificate and enter the alias. Click the Select Certificate button, browse to the location of the certificate, select it and click Open. Then enter the alias and click OK to import. |

Adding Keystores to Pico Instances

Before a keystore can be selected, it has to be added to the pico instance. Multiple keystores can be added at the same time. This is done using topo by executing the following sequence, assuming the keystore(s) exist:

  1. Add keystore(s) to the pico instance:

    $ mzsh topo set --allow-disconnected -l pico:<piconame>/obj:config.properties.security 'keystorePath: "<path_to_ks1;path_to_ks2>"'

  2. Activate the changes:

    $ mzsh topo activate

  3. Restart the pico instance:

    $ mzsh restart <piconame>

Example - Adding Keystore to Pico Instance

    $ mzsh topo set --allow-disconnected -l pico:ec1/obj:config.properties.security 'keystorePath: "/tmp/keys/mykey.keystore"'
    $ mzsh topo activate
    $ mzsh restart ec1
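
A pre-flight check that can be run on a keystorePath value before the `mzsh topo set` step, added here as an example and not part of the product: it confirms that each entry exists, starts with the leading bytes of one of the supported types (JKS, JCEKS, PKCS12), and is not accessible to group or other. The function names, the script name, and the reading of `<path_to_ks1;path_to_ks2>` as a `;`-separated list are assumptions.

```shell
#!/bin/sh
# Added example, not product code: pre-flight check for a keystorePath value.
# Assumption: entries are separated by ';', as in the topo command above.

# Guess the keystore type from the first four bytes of the file.
ks_type() {
    magic=$(od -An -N4 -tx1 "$1" | tr -d ' \n')
    case "$magic" in
        feedfeed) echo JKS ;;      # JKS magic number 0xFEEDFEED
        cececece) echo JCEKS ;;    # JCEKS magic number 0xCECECECE
        30*)      echo PKCS12 ;;   # DER SEQUENCE tag; any DER file matches
        *)        echo UNKNOWN ;;
    esac
}

# Print one result line per entry; return 1 if any entry fails a check.
check_keystore_path() {
    rc=0
    old_ifs=$IFS
    set -f; IFS=';'; set -- $1; IFS=$old_ifs; set +f   # split on ';' only
    for ks in "$@"; do
        if [ ! -f "$ks" ] || [ ! -r "$ks" ]; then
            echo "FAIL $ks: missing or unreadable"; rc=1; continue
        fi
        kind=$(ks_type "$ks")
        if [ "$kind" = UNKNOWN ]; then
            echo "FAIL $ks: not JKS, JCEKS or PKCS12"; rc=1; continue
        fi
        # Characters 5-10 of the ls mode string are the group/other bits.
        perms=$(ls -lnLd "$ks" | cut -c5-10)
        if [ "$perms" != "------" ]; then
            echo "FAIL $ks: $kind accessible to group/other ($perms)"; rc=1; continue
        fi
        echo "OK   $ks: $kind"
    done
    return $rc
}

# Usage: sh check_ks.sh '/path/ks1;/path/ks2' (script name is hypothetical)
if [ $# -gt 0 ]; then check_keystore_path "$1"; fi
```

The type check only inspects leading bytes, so it catches a wrong file or a mismatch with the Select Keystore Type choice but does not validate the keystore contents or password.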