Chapter 4 Administering the Sun Crypto Accelerator 4000 Board With the vcaadm and vcadiag Utilities
Managing Keystores With vcaadm
A keystore is a repository for key material. Associated with a keystore are security
officers and users. Keystores not only provide storage, but a means for key objects to
be owned by user accounts. This enables keys to be hidden from applications that do
not authenticate as the owner. Keystores have three components:
■ Key objects – Long-term keys that are stored for applications such as the Sun
ONE Web Server.
■ User accounts – These accounts provide applications a means to authenticate and
access specific keys.
■ Security officer accounts – These accounts provide access to key management
functions through vcaadm.
Note – A single Sun Crypto Accelerator 4000 board must have exactly one keystore.
Multiple Sun Crypto Accelerator 4000 boards can be configured to collectively work
with the same keystore to provide additional performance and fault-tolerance.
Naming Requirements
Security officer names, user names, and keystore names must meet the following
requirements:
TABLE 4-4 Security Officer Name, User Name, and Keystore Name Requirements
Name Requirement    Description
Minimum length      At least one character
Maximum length      63 characters for user names and 32 characters for keystore names
Valid characters    Alphanumeric, underscore (_), dash (-), and dot (.)
First character     Must be alphabetic
Password Requirements
Password requirements vary based on the current set passreq setting (low,
med, or high).
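A pre-flight check for the naming rules in TABLE 4-4, usable in provisioning scripts before a name is handed to vcaadm. This is an added example, not part of the original manual or of the vcaadm tooling. The function name, the ASCII-only reading of "alphabetic" and "alphanumeric", and the 63-character limit applied to security officer names are assumptions.

```python
import string

# Limits from TABLE 4-4. The table gives no separate maximum for security
# officer names; treating them like user names (63) is an assumption.
MAX_LEN = {"user": 63, "security_officer": 63, "keystore": 32}

# Assumption: "alphabetic" and "alphanumeric" mean ASCII only. str.isalpha()
# would also accept non-ASCII letters, so explicit sets are used instead.
FIRST_CHARS = set(string.ascii_letters)
VALID_CHARS = FIRST_CHARS | set(string.digits) | set("_-.")


def name_violations(name, kind):
    """Return the TABLE 4-4 rules that `name` breaks (empty list if valid)."""
    if kind not in MAX_LEN:
        raise ValueError(f"unknown name kind: {kind!r}")
    if len(name) < 1:
        # Nothing else can be checked on an empty name.
        return ["minimum length: at least one character"]
    problems = []
    if len(name) > MAX_LEN[kind]:
        problems.append(f"maximum length: {MAX_LEN[kind]} characters for {kind} names")
    if name[0] not in FIRST_CHARS:
        problems.append("first character: must be alphabetic")
    # Whole-string membership test: a trailing newline or other control
    # character is reported instead of slipping past a '$'-anchored regex.
    bad = sorted({c for c in name if c not in VALID_CHARS})
    if bad:
        problems.append("valid characters: not allowed: " + " ".join(repr(c) for c in bad))
    return problems


if __name__ == "__main__":
    # Constructed sample names, not taken from the manual.
    samples = [("web-server.ks1", "keystore"), ("9ops", "user"),
               ("admin\n", "security_officer"), ("k" * 33, "keystore")]
    for name, kind in samples:
        issues = name_violations(name, kind)
        print(f"{kind:16} {name!r:40.40} {'OK' if not issues else '; '.join(issues)}")
```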