--- title: LDAP Key Manager Provider description: The LDAP key manager provider uses an LDAP key store managed by the server to obtain server certificates. component: pingds version: 8.1 page_id: pingds:configref:objects-ldap-key-manager-provider canonical_url: https://docs.pingidentity.com/pingds/8.1/configref/objects-ldap-key-manager-provider.html section_ids: parent: Parent ldap_key_manager_provider_properties: LDAP Key Manager Provider properties basic_properties: Basic properties base-dn: base-dn enabled: enabled key-store-pin: key-store-pin advanced_properties: Advanced properties java-class: java-class --- # LDAP Key Manager Provider The LDAP key manager provider uses an LDAP key store managed by the server to obtain server certificates. ## Parent The LDAP Key Manager Provider object inherits from [Key Manager Provider](objects-key-manager-provider.html). ## LDAP Key Manager Provider properties You can use configuration expressions to set property values at startup time. For details, see [Property value substitution](expressions.html). | Basic Properties | Advanced Properties | | ----------------------------------------------------------------------- | ------------------------- | | [base-dn](#base-dn) [enabled](#enabled) [key-store-pin](#key-store-pin) | [java-class](#java-class) | ### Basic properties Use the `--advanced` option to access advanced properties. ### base-dn | | | | ----------------------- | ------------------------------------------------------------- | | *Synopsis* | The base DN beneath which LDAP key store entries are located. | | *Default value* | None | | *Allowed values* | A valid DN. | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### enabled | | | | ----------------------- | -------------------------------------------------------------- | | *Synopsis* | Indicates whether the Key Manager Provider is enabled for use. | | *Default value* | None | | *Allowed values* | truefalse | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | None | | *Advanced* | No | | *Read-only* | No | ### key-store-pin | | | | ----------------------- | ----------------------------------------------------------------------------------------------------------- | | *Synopsis* | Specifies the clear-text PIN needed to access the LDAP Key Manager Provider . | | *Default value* | None | | *Allowed values* | A string. | | *Multi-valued* | No | | *Required* | No | | *Admin action required* | NoneChanges to this property will take effect the next time that the LDAP Key Manager Provider is accessed. | | *Advanced* | No | | *Read-only* | No | ## Advanced properties Use the `--advanced` option to access advanced properties. ### java-class | | | | ----------------------- | ------------------------------------------------------------------------------------------------------ | | *Synopsis* | The fully-qualified name of the Java class that provides the LDAP Key Manager Provider implementation. | | *Default value* | org.opends.server.extensions.LDAPKeyManagerProvider | | *Allowed values* | A Java class that extends or implements:- org.opends.server.api.KeyManagerProvider | | *Multi-valued* | No | | *Required* | Yes | | *Admin action required* | The object must be disabled and re-enabled for changes to take effect. | | *Advanced* | Yes | | *Read-only* | No |