Skip Headers
Oracle® Key Manager 3 Security Guide
Release 3.0
E49728-01
  Go To Table Of Contents
Contents

Previous
Previous
 
Next
Next
 

4 Linux PKCS#11 KMS Provider

A new Linux PKCS#11 KMS provider accompanies the Oracle Key Manager release. An administrator can download the Linux PKCS#11 KMS provider from the My Oracle Support web site and install it on an Oracle Enterprise Linux server. The Linux PKCS#11 KMS provider has the same security characteristics and authenticates with Oracle Key Manager appliances as other agents do.The Linux PKCS#11 KMS provider stores a log file and profile information under a /var/opt/kms/username directory. The user and/or administrator should manage this log file manually or by using a utility such as logrotate. Access control to the /var/opt/kms/username directory should be restricted through appropriate permissions. Within the profile directory the authentication credentials for the agent are retained within a PKCS#12 file. The PKCS#12 file is secured with a password.For more information about the Linux PKCS#11 KMS provider, refer to the Oracle Key Manager Administration Guide included in the Oracle Key Manager documentation libraries at:

http://www.oracle.com/technetwork/documentation/tape-storage-curr-187744.html#crypto