--- title: File Based Trust Manager Provider description: The file-based trust manager provider obtains the trusted certificates from a trust store file. component: pingds version: 8.1 page_id: pingds:configref:objects-file-based-trust-manager-provider canonical_url: https://docs.pingidentity.com/pingds/8.1/configref/objects-file-based-trust-manager-provider.html section_ids: parent: Parent file_based_trust_manager_provider_properties: File Based Trust Manager Provider properties basic_properties: Basic properties enabled: enabled provider-arg: provider-arg provider-name: provider-name trust-store-file: trust-store-file trust-store-pin: trust-store-pin trust-store-type: trust-store-type advanced_properties: Advanced properties java-class: java-class provider-class: provider-class --- # File Based Trust Manager Provider The file-based trust manager provider obtains the trusted certificates from a trust store file. The key store file can be in either JKS (the default Java key store format) or PKCS#12 (a standard certificate format) form. ## Parent The File Based Trust Manager Provider object inherits from [Trust Manager Provider](objects-trust-manager-provider.html). ## File Based Trust Manager Provider properties You can use configuration expressions to set property values at startup time. For details, see [Property value substitution](expressions.html). | Basic Properties | Advanced Properties | | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | ----------------------------------------------------------- | | [enabled](#enabled) [provider-arg](#provider-arg) [provider-name](#provider-name) [trust-store-file](#trust-store-file) [trust-store-pin](#trust-store-pin) [trust-store-type](#trust-store-type) | [java-class](#java-class) [provider-class](#provider-class) | ### Basic properties Use the `--advanced` option to access advanced properties. ### enabled | | | | ----------------------- | --------------------------------------------------------------- | | *Synopsis* | Indicate whether the Trust Manager Provider is enabled for use. | | *Default value* | None | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### provider-arg | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------------------ | | *Synopsis* | The argument passed to configure the trust store security provider. | | *Description* | The security provider argument is often a path to a properties file which contains the detailed configuration of the provider. | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### provider-name | | | | ----------------------- | --------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | The name of the trust store security provider. | | *Description* | The provider name is usually the name used in the java.security file's "security.provider" list, such as "SunPKCS11". | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### trust-store-file | | | | ----------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the path to the file containing the trust information. It can be an absolute path or a path that is relative to the PingDS instance path. | | *Description* | Changes to this configuration attribute take effect the next time that the trust manager is accessed. | | *Default value* | None | | *Allowed values* | A path to an existing file that is readable (and/or writeable) by the server. | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### trust-store-pin | | | | ----------------------- | ------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the clear-text PIN needed to access the File Based Trust Manager Provider . | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | NoneChanges to this property will take effect the next time that the File Based Trust Manager Provider is accessed. | | *Advanced* | No | | *Read-only* | No | ### trust-store-type | | | | ----------------------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the format for the data in the trust store file. | | *Description* | Valid values always include 'JKS' and 'PKCS12', but different implementations can allow other values as well. If no value is provided, then the JVM default value is used. Changes to this configuration attribute take effect the next time that the trust manager is accessed. | | *Default value* | The JVM default key store type. | | *Allowed values* | Any key store format supported by the Java runtime environment. The "JKS" and "PKCS12" formats are typically available in Java environments. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ## Advanced properties Use the `--advanced` option to access advanced properties. ### java-class | | | | ----------------------- | -------------------------------------------------------------------------------------------------------------- | | *Synopsis* | The fully-qualified name of the Java class that provides the File Based Trust Manager Provider implementation. | | *Default value* | org.opends.server.extensions.FileBasedTrustManagerProvider | | *Allowed values* | A Java class that extends or implements:- org.opends.server.api.TrustManagerProvider | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No | ### provider-class | | | | ----------------------- | ---------------------------------------------------------------------------------------------------------- | | *Synopsis* | The class of the trust store security provider. | | *Description* | The Java class that implements the trust store security provider, such as "sun.security.pkcs11.SunPKCS11". | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | None | | *Advanced* | Yes | | *Read-only* | No |