Chapter 6. Using and Configuring the Token Management System: TPS and TKS


This chapter provides procedures for using hardware security modules, also called HSMs or tokens, to generate and store Certificate System instance certificates and keys.
This chapter only contains administration procedures. For general information on the concepts behind the Token Management System, see the Red Hat Certificate System Planning, Installation and Deployment Guide.

6.1. TPS Profiles

Note

See the TPS Profiles section of the Red Hat Certificate System Planning, Installation and Deployment Guide for general information.
Unlike CA enrollment profiles, which are defined and stored in individual files or in LDAP, TPS profiles (also known as token types) are defined in the TPS configuration file, CS.cfg.
TPS profile (token type) configuration parameters are set in the following format:
op.<explicit op>.<profile id>.<implicit op>.<key type>.*
In the above, <explicit op> and <implicit op> are one of the explicit and implicit operations discussed in the TPS Operations section below, and <key type> is the name given for each certificate type.
An example configuration parameter may look like the following example:
op.enroll.userKey.keyGen.encryption.*
Red Hat logoGithubRedditYoutubeTwitter

Learn

Try, buy, & sell

Communities

About Red Hat Documentation

We help Red Hat users innovate and achieve their goals with our products and services with content they can trust.

Making open source more inclusive

Red Hat is committed to replacing problematic language in our code, documentation, and web properties. For more details, see the Red Hat Blog.

About Red Hat

We deliver hardened solutions that make it easier for enterprises to work across platforms and environments, from the core datacenter to the network edge.

© 2024 Red Hat, Inc.