System Certificate Parameter Definitions

If an adapter and servlet are used for inbound communications, you must monitor the expiration dates of the system certificates to ensure that the certificates are valid. Before the certificates expire, they must be replaced with valid certificates.

Parameter

Description

alias

The key name stored in the HSM. Use only alias names containing characters a-z, A-Z, 0-9 or hyphen (-), and whose total length is no longer than the system GUID length.

certname

Name to assign to the system certificate in the database.

Certtype

The certificate type to import. Four types of certificate files are supported: pkcs12, pkcs8, pem, and keystore. Sterling B2B Integrator only supports pem keys encrypted with DES or 3DES.

Use keystore to list or import the keystore.

file

Name of the File to import.

keypass

PIN for the slot on the Eracom device.

keystoretype

Keystore type to import. Valid value is CRYPTOKI.

keystoreprovider

Provider type. Eracom is the only HSM supported provider type.

Valid values are:

  • ERACOM
  • ERACOM.n (if you are importing certificates to a slot other than the first position)

password

Store passphrase for the certificate file.

pkcs12file

Name of the PKCS12 file to import.

pkcs12storepass

Store passphrase used for the generation of the PKCS12 file.

pkcs12keypass

Valid passphrase for the PKCS12 file.

storepass

PIN for the slot on the Eracom device where the keystore resides.

systempass

System passphrase.