--- title: File Based Key Manager Provider description: The File Based Key Manager Provider can be used to obtain the server certificate from a key store file on the local file system. component: pingds version: 8.1 page_id: pingds:configref:objects-file-based-key-manager-provider canonical_url: https://docs.pingidentity.com/pingds/8.1/configref/objects-file-based-key-manager-provider.html section_ids: parent: Parent file_based_key_manager_provider_properties: File Based Key Manager Provider properties basic_properties: Basic properties enabled: enabled key-store-file: key-store-file key-store-pin: key-store-pin key-store-type: key-store-type provider-arg: provider-arg provider-name: provider-name advanced_properties: Advanced properties java-class: java-class provider-class: provider-class --- # File Based Key Manager Provider The File Based Key Manager Provider can be used to obtain the server certificate from a key store file on the local file system. Multiple file formats may be supported, depending on the providers supported by the underlying Java runtime environment. ## Parent The File Based Key Manager Provider object inherits from [Key Manager Provider](objects-key-manager-provider.html). ## File Based Key Manager Provider properties You can use configuration expressions to set property values at startup time. For details, see [Property value substitution](expressions.html). | Basic Properties | Advanced Properties | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------- | | [enabled](#enabled) [key-store-file](#key-store-file) [key-store-pin](#key-store-pin) [key-store-type](#key-store-type) [provider-arg](#provider-arg) [provider-name](#provider-name) | [java-class](#java-class) [provider-class](#provider-class) | ### Basic properties Use the `--advanced` option to access advanced properties. ### enabled | | | | ----------------------- | -------------------------------------------------------------- | | *Synopsis* | Indicates whether the Key Manager Provider is enabled for use. | | *Default value* | None | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### key-store-file | | | | ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the path to the file that contains the private key information. This may be an absolute path, or a path that is relative to the PingDS instance path. | | *Description* | Changes to this property will take effect the next time that the key manager is accessed. | | *Default value* | None | | *Allowed values* | A path to an existing file that is readable (and/or writeable) by the server. | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### key-store-pin | | | | ----------------------- | ----------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the clear-text PIN needed to access the File Based Key Manager Provider . | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | NoneChanges to this property will take effect the next time that the File Based Key Manager Provider is accessed. | | *Advanced* | No | | *Read-only* | No | ### key-store-type | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the format for the data in the key store file. | | *Description* | Valid values should always include 'JKS' and 'PKCS12', but different implementations may allow other values as well. If no value is provided, the JVM-default value is used. Changes to this configuration attribute will take effect the next time that the key manager is accessed. | | *Default value* | None | | *Allowed values* | Any key store format supported by the Java runtime environment. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### provider-arg | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | The argument passed to configure the key store security provider. | | *Description* | The security provider argument is often a path to a properties file which contains the detailed configuration of the provider. | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### provider-name | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | The name of the key store security provider. | | *Description* | The security provider name is usually the name used in the java.security file's "security.provider" list, such as "SunPKCS11". | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ## Advanced properties Use the `--advanced` option to access advanced properties. ### java-class | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------ | | *Synopsis* | The fully-qualified name of the Java class that provides the File Based Key Manager Provider implementation. | | *Default value* | org.opends.server.extensions.FileBasedKeyManagerProvider | | *Allowed values* | A Java class that extends or implements:- org.opends.server.api.KeyManagerProvider | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | Yes | | *Read-only* | No | ### provider-class | | | | ----------------------- | -------------------------------------------------------------------------------------------------------- | | *Synopsis* | The class of the key store security provider. | | *Description* | The Java class that implements the key store security provider, such as "sun.security.pkcs11.SunPKCS11". | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No |