Configuring the XKMS Service - 8.0

Talend ESB Infrastructure Services Configuration Guide

Version
8.0
Language
English
Product
Talend Data Fabric
Talend Data Services Platform
Talend ESB
Talend MDM Platform
Talend Real-Time Big Data Platform
Module
Talend ESB
Talend Runtime
Content
Design and Development
Installation and Upgrade
Last publication date
2024-03-13

First of all, you need to start the XKMS service in the Talend Runtime Container. To do so, after starting the Talend Runtime Container, enter the following command at the console prompt:

tesb:start-xkms

You can also shutdown the XKMS service by entering:

tesb:stop-xkms

For more information about how to start the Talend Runtime Container, see Starting Runtime Container.

Once started, the XKMS service provides the following operations at http://localhost:8040/services/: Reissue, Compound, Register, Pending, Revoke, Locate, Status, Recover, and Validate.

Once the XKMS Service started, you can configure it by editing the etc/org.apache.cxf.xkms.cfg file. By default, it will use File as backend repository.

Below is the example of the default configuration for the use of File backend repository:
# XKMS configuration properties
xkms.enableXKRSS=false

# Certificate repository ldap or file
xkms.certificate.repo=file

# Filesystem backend
xkms.file.storageDir=${karaf.home}/esbrepo/xkms/certificates

To use your own public certificates (*.cer files), copy them to the XKMS File backend repository in ${karaf.home}/esbrepo/xkms/certificates/trusted_cas.