JSS Subsystem

From Dogtag
Jump to: navigation, search

JSS Subsystem

jss.enable=true

NSS Database

jss.configDir=[PKI_INSTANCE_PATH]/alias/
jss.secmodName=secmod.db

OCSP

jss.ocspcheck.enable=false

SSL

jss.ssl.cipherfortezza=true
jss.ssl.cipherpref=
jss.ssl.cipherversion=cipherdomestic

Random Number Generator

See Configuring Random Generator.

Debugging Password

For debugging, NSS token password can be specified in the following parameter:

jss.password=<password>

If the password is defined, it will be used during CA/OCSP's SigningUnit initialization:

PasswordCallback cb = JssSubsystem.getInstance().getPWCB();
mToken.login(cb);

Note: This functionality has been removed in PKI 10.6.

References