Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: New article for IDM 5.0.1.
Info

This article is new for Identity Manager 5.0.1.

You can print out and fill this table according to your specific requirements. The values already present in this table are fixed, e.g. , for example, “RSA / “ means that you must use RSA but you can decide on the keysize. Then use it key size.

Use the table to help you with bootstrapping the sign and encrypt engine. See Sign and encrypt engine descriptors for a detailed description of the requirements.

Descriptor

Setup Required

Place-holder

HSM

Key type / size

Key Usage

Validity

Trusted by

Issuer

EncryptedFields

Yes

No

RSA /

Any

None

configZipEncrypter

Yes

RSA /

Any

None

configZipSigner

Yes

RSA /

IDM

objectHistorySigner

Yes

No

RSA /

Any

None

signEmailDescriptor

Yes

/

Email recipients

hermodDeviceEnc

Yes

No

/

Any

None

SelfServiceJWTSigner

Yes

No

RSA /

Any

None

ContentProviderJWSSigner

Yes

RSA /

Mobile device

att_*

Yes

RSA /

Any

None

idopteAuthentication

No

No

RSA / 2048

Any

Client side Idopte Middleware

Idopte CA

insideClientAuth

No

No

RSA /

digitalSignature

Inside Server

(PIN blob decryption)

No

RSA / 2048

Any

None