Comment: a new article?
You can print and fill this table according to your specific requirements. The values already present in this table are fixed, for example, “RSA / “ means that you must use RSA but you can decide on the key size.
Use the table to help you with bootstrapping the sign and encrypt engine.
Descriptor | Setup Required | Place-holder | HSM | Key type / size | Key Usage | Validity | Trusted by | Issuer |
---|---|---|---|---|---|---|---|---|
EncryptedFields | Yes | No | RSA / | Any | None | |||
configZipEncrypter | Yes | RSA / | Any | None | ||||
configZipSigner | Yes | RSA / | IDM | |||||
objectHistorySigner | Yes | RSA / | Any | None | ||||
signEmailDescriptor | Yes | / | Email recipients | |||||
hermodDeviceEnc | Yes | No | / | Any | None | |||
SelfServiceJWTSigner | Yes | No | RSA / | Any | None | |||
ContentProviderJWSSigner | Yes | RSA / | Mobile device | |||||
att_* | RSA / | Any | None | |||||
idopteAuthentication | No | No | RSA / 2048 | Any | Client side Idopte Middleware | Idopte CA | ||
insideClientAuth | No | No | RSA / | digitalSignature | Inside Server | |||
(PIN blob decryption) | No | RSA / 2048 | Any | None |