| Info |
|---|
This article is valid includes updates for Smart ID Identity Manager 24.R1 or later5.0.1. |
| Note |
|---|
| IDM 24.R1 makes a number of significant changes compared to earlier releases! Please review this document Before installing or upgradingRead this article and its related pages carefully before proceeding you proceed with a fresh installation or upgrade since the Identity Manager 5.0.1 release comes with significant changes compared to earlier versions. |
| Note |
|---|
Important:informationMost descriptors need to must have their certificates and keys bootstrapped before starting the application(s) for the first time. |
Sign and encrypt engine
The sign and encrypt engine is the central component of Identity Manager for signing, verification, and encryption using keys and certificates. It handles several use cases, and most of them have to be configured for each deployment, so that the private keys are kept secret. The keys themselves can be stored in files or in certain cases on a Hardware Security Module (HSM) for increased security.The use cases the engine handles include like encryption and decryption of fields in the Identity Manager database, signing, verification, and encryption of the object history and many more.
Most use cases have to be configured for each deployment, so that the private keys are kept secret. The sign and encrypt engine provides a consistent configuration of keys and certificates for both signing and encryption. You can define algorithms and parameters and reference keys from an HSM (for most use - cases) or from PKCS#12 files (for all use cases).
Additional Information
| Expand | ||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ||||||||||||||
|
...