Specifies the name of the key database file with kdb extension. The key database file typically contains one or more certificates from the certificate authorities (CAs) that are trusted by the clients. If the LDAP server is configured to provide only server authentication then a private key and client certificate are not required. If the user wants to use the crypto device under key storage mode only then the keydatabase parameter can be NULL. If the client needs the crypto device to work only in accelerator mode then the kdb file must be specified. If the key database file and password are NULL then the default ldapkey.kdb file will be used as the key database and the password will be used from default ldapkey.sth file.
User is given a provision to have some keys stored on device, which can be Personal Certificates with private key, and some in the key database file, which can be Signer Certificates with public keys. Therefore, a specific certificate will be selected either from the local kdb file or from crypto device based on the certificate label used.
An instance of a structure contain following fields:
Under acceleration mode, the PKCS11 device can be configured to do three different operations: Symmetric operation, Digest operation, and Random Data Generation operation.
The accelerator value should be one of the options listed below:
#define LDAP_SSL_ACCELERATION_MODE_NONE 0 #define LDAP_SSL_ACCELERATION_MODE_SYM 1 #define LDAP_SSL_ACCELERATION_MODE_DIG 2 #define LDAP_SSL_ACCELERATION_MODE_SYM_DIG 3 #define LDAP_SSL_ACCELERATION_MODE_RND 4 #define LDAP_SSL_ACCELERATION_MODE_RND_SYM 5 #define LDAP_SSL_ACCELERATION_MODE_RND_DIG 6 #define LDAP_SSL_ACCELERATION_MODE_SYM_DIG_RND 7
[ Top of Page | Previous Page | Next Page ]