이 콘텐츠는 선택한 언어로 제공되지 않습니다.

Chapter 13. Key Manager (barabican) Parameters


ParameterDescription

ATOSVars

Hash of atos-hsm role variables used to install ATOS client software.

BarbicanDogtagStoreGlobalDefault

Whether this plugin is the global default plugin. The default value is False.

BarbicanDogtagStoreHost

Hostname of the Dogtag server.

BarbicanDogtagStoreNSSPassword

Password for the NSS DB.

BarbicanDogtagStorePEMPath

Path for the PEM file used to authenticate requests. The default value is /etc/barbican/kra_admin_cert.pem.

BarbicanDogtagStorePort

Port for the Dogtag server. The default value is 8443.

BarbicanKmipStoreGlobalDefault

Whether this plugin is the global default plugin. The default value is False.

BarbicanKmipStoreHost

Host for KMIP device.

BarbicanKmipStorePassword

Password to connect to KMIP device.

BarbicanKmipStorePort

Port for KMIP device.

BarbicanKmipStoreUsername

Username to connect to KMIP device.

BarbicanPassword

The password for the OpenStack Key Manager (barbican) service account.

BarbicanPkcs11AlwaysSetCkaSensitive

Always set CKA_SENSITIVE=CK_TRUE. The default value is True.

BarbicanPkcs11CryptoAESGCMGenerateIV

Generate IVs for CKM_AES_GCM encryption mechanism. The default value is True.

BarbicanPkcs11CryptoATOSEnabled

Enable ATOS for PKCS11. The default value is False.

BarbicanPkcs11CryptoEnabled

Enable PKCS11. The default value is False.

BarbicanPkcs11CryptoEncryptionMechanism

Cryptoki Mechanism used for encryption. The default value is CKM_AES_CBC.

BarbicanPkcs11CryptoGlobalDefault

Whether this plugin is the global default plugin. The default value is False.

BarbicanPkcs11CryptoHMACKeyType

Cryptoki Key Type for Master HMAC key. The default value is CKK_AES.

BarbicanPkcs11CryptoHMACKeygenMechanism

Cryptoki Mechanism used to generate Master HMAC Key. The default value is CKM_AES_KEY_GEN.

BarbicanPkcs11CryptoHMACLabel

Label for the HMAC key.

BarbicanPkcs11CryptoLibraryPath

Path to vendor PKCS11 library.

BarbicanPkcs11CryptoLogin

Password to login to PKCS11 session.

BarbicanPkcs11CryptoMKEKLabel

Label for Master KEK.

BarbicanPkcs11CryptoMKEKLength

Length of Master KEK in bytes. The default value is 256.

BarbicanPkcs11CryptoRewrapKeys

Cryptoki Mechanism used to generate Master HMAC Key. The default value is False.

BarbicanPkcs11CryptoSlotId

Slot Id for the HSM. The default value is 0.

BarbicanPkcs11CryptoThalesEnabled

Enable Thales for PKCS11. The default value is False.

BarbicanSimpleCryptoGlobalDefault

Whether this plugin is the global default plugin. The default value is False.

BarbicanSimpleCryptoKek

KEK used to encrypt secrets.

BarbicanWorkers

Set the number of workers for barbican::wsgi::apache. The default value is %{::processorcount}.

DeployIdentifier

Setting this to a unique value will re-run any deployment tasks which perform configuration on a OpenStack Orchestration (heat) stack-update.

NotificationDriver

Driver or drivers to handle sending notifications. The default value is messagingv2.

ThalesHSMNetworkName

The network that the HSM is listening on. The default value is internal_api.

ThalesVars

Hash of thales-hsm role variables used to install Thales client software.

Red Hat logoGithubRedditYoutubeTwitter

자세한 정보

평가판, 구매 및 판매

커뮤니티

Red Hat 문서 정보

Red Hat을 사용하는 고객은 신뢰할 수 있는 콘텐츠가 포함된 제품과 서비스를 통해 혁신하고 목표를 달성할 수 있습니다.

보다 포괄적 수용을 위한 오픈 소스 용어 교체

Red Hat은 코드, 문서, 웹 속성에서 문제가 있는 언어를 교체하기 위해 최선을 다하고 있습니다. 자세한 내용은 다음을 참조하세요.Red Hat 블로그.

Red Hat 소개

Red Hat은 기업이 핵심 데이터 센터에서 네트워크 에지에 이르기까지 플랫폼과 환경 전반에서 더 쉽게 작업할 수 있도록 강화된 솔루션을 제공합니다.

© 2024 Red Hat, Inc.