Chapter 13. Key Manager (barabican) Parameters
Parameter | Description |
---|---|
| Hash of atos-hsm role variables used to install ATOS client software. |
|
Whether this plugin is the global default plugin. The default value is |
| Hostname of the Dogtag server. |
| Password for the NSS DB. |
|
Path for the PEM file used to authenticate requests. The default value is |
|
Port for the Dogtag server. The default value is |
|
Whether this plugin is the global default plugin. The default value is |
| Host for KMIP device. |
| Password to connect to KMIP device. |
| Port for KMIP device. |
| Username to connect to KMIP device. |
| The password for the OpenStack Key Manager (barbican) service account. |
|
Always set CKA_SENSITIVE=CK_TRUE. The default value is |
|
Generate IVs for CKM_AES_GCM encryption mechanism. The default value is |
|
Enable ATOS for PKCS11. The default value is |
|
Enable PKCS11. The default value is |
|
Cryptoki Mechanism used for encryption. The default value is |
|
Whether this plugin is the global default plugin. The default value is |
|
Cryptoki Key Type for Master HMAC key. The default value is |
|
Cryptoki Mechanism used to generate Master HMAC Key. The default value is |
| Label for the HMAC key. |
| Path to vendor PKCS11 library. |
| Password to login to PKCS11 session. |
| Label for Master KEK. |
|
Length of Master KEK in bytes. The default value is |
|
Cryptoki Mechanism used to generate Master HMAC Key. The default value is |
|
Slot Id for the HSM. The default value is |
|
Enable Thales for PKCS11. The default value is |
|
Whether this plugin is the global default plugin. The default value is |
| KEK used to encrypt secrets. |
|
Set the number of workers for barbican::wsgi::apache. The default value is |
| Setting this to a unique value will re-run any deployment tasks which perform configuration on a OpenStack Orchestration (heat) stack-update. |
|
Driver or drivers to handle sending notifications. The default value is |
|
The network that the HSM is listening on. The default value is |
| Hash of thales-hsm role variables used to install Thales client software. |