Configuring the XKMS Service

Configuring the XKMS Service - 7.3

Talend ESB Infrastructure Services Configuration Guide

Version

7.3

Language

English

Product

Talend Data Fabric

Talend Data Services Platform

Talend ESB

Talend MDM Platform

Talend Open Studio for ESB

Talend Real-Time Big Data Platform

Module

Talend ESB

Talend Runtime

Content

Design and Development

Installation and Upgrade

Last publication date

2023-12-26

First of all, you need to start the XKMS service in the Talend Runtime Container. To do so, after starting the Talend Runtime Container, enter the following command at the console prompt:

tesb:start-xkms

You can also shutdown the XKMS service by entering:

tesb:stop-xkms

For more information about how to start the Talend Runtime Container, see the Talend ESB Container Administration Guide.

Once started, the XKMS service provides the following operations at http://localhost:8040/services/: Reissue, Compound, Register, Pending, Revoke, Locate, Status, Recover, and Validate.

Once the XKMS Service started, you can configure it by editing the etc/org.apache.cxf.xkms.cfg file. By default, it will use File as backend repository.

Below is the example of the default configuration for the use of File backend repository:

# XKMS configuration properties
xkms.enableXKRSS=false

# Certificate repository ldap or file
xkms.certificate.repo=file

# Filesystem backend
xkms.file.storageDir=${karaf.home}/esbrepo/xkms/certificates

To use your own public certificates (*.cer files), copy them to the XKMS File backend repository in ${karaf.home}/esbrepo/xkms/certificates/trusted_cas.