Macromedia live cycle 7.2 매뉴얼
Adobe LiveCycle
Content and Format of the trust.xml File
Installing and Configuring LiveCycle Security Products for JBoss
credentials element 81
credentials element
The
credentials
element has three sub-elements that describe a type of private key container:
●
p12record
—A reference to a PKCS#12 (.p12) file stored on disk.
●
hsmrecord
—A reference to an HSM.
●
MSCAPIrecord
—A reference to an entry in the Microsoft database (on systems that run Windows).
Passwords required to access the private keys are supplied through the API and are not included in the
trust.xml file. The PDF Manipulation Module searches the credentials directory for file names. The
credentials directory is imported into the deployment unit.
trust.xml file. The PDF Manipulation Module searches the credentials directory for file names. The
credentials directory is imported into the deployment unit.
The available record types and corresponding attributes are described in this table.
Record type
Attributes
Description
p12record
alias
The name by which the credential is known to the PDF
Manipulation Module API. It must be unique in the credentials
section of the trust.xml file.
Manipulation Module API. It must be unique in the credentials
section of the trust.xml file.
p12file
The PKCS#12 file name. It is searched for among the files
imported into the deployment unit.
imported into the deployment unit.
sha1
(Optional) The SHA1 fingerprint of the corresponding
certificate. The
certificate. The
sha1
value can be used to distinguish among
different keys if more than one is stored in a single PKCS#12
file. If the
file. If the
sha1
value is not provided and the PKCS#12 file
contains multiple appropriate credentials, an exception is
raised.
raised.
hsmrecord
alias
The name by which the credential is known to the PDF
Manipulation Module API. It must be unique in the credentials
section of trust.xml.
Manipulation Module API. It must be unique in the credentials
section of trust.xml.
dllpath
The location of the DLL in the file system. For HSM support, a
DLL is required that implements the PKCS#11 interface for that
particular HSM.
DLL is required that implements the PKCS#11 interface for that
particular HSM.
slot
The slot number that identifies where the private key is stored
on the HSM.
on the HSM.
sha1
(Optional) The SHA1 fingerprint of the corresponding
certificate. The
certificate. The
sha1
value can be used to distinguish among
different keys if more than one is stored in a single PKCS#12
file. If the sha1 value is not provided and the PKCS#12 file
contains multiple appropriate credentials, an exception is
raised.
file. If the sha1 value is not provided and the PKCS#12 file
contains multiple appropriate credentials, an exception is
raised.
MSCAPIrecord
alias
The name by which the credential is known to the PDF
Manipulation Module API. It must be unique in the credentials
section of the trust.xml file.
Manipulation Module API. It must be unique in the credentials
section of the trust.xml file.
sha1
The SHA1 fingerprint of the corresponding certificate. This
value must be used to select among the different credentials
stored in the Microsoft certificate store.
value must be used to select among the different credentials
stored in the Microsoft certificate store.