Configure HP Codar properties

To configure HP Codar properties for FIPS 140-2 compliance:

  1. Open a command prompt and change to the CSA_HOME\jboss-as\standalone\deployments\csa.war\WEB-INF\classes directory. For example:

     Windows: C:\Program Files\Hewlett-Packard\Codar\jboss-as\standalone\deployments\csa.war\WEB-INF\classes
     Linux:   /usr/local/hp/codar/jboss-as/standalone/deployments/csa.war/WEB-INF/classes

  2. Open the csa.properties file in an editor.

    1. Verify that the enableHPSSO property is either set to false or is commented out.

    2. Configure the following properties:

      useExternalProvider

      Required if enabling FIPS 140-2 compliance mode. To enable, set this property to true. To disable, set it to false or comment it out.

      When enabled, Codar uses the RSA BSAFE libraries to encrypt and decrypt passwords. A password that was encrypted with different libraries (for example, one encrypted before this property was enabled) will not decrypt to a valid value.

      If you cannot connect to the database after you have configured Codar for FIPS 140-2 compliance, try re-encrypting the database password in the database properties file.

      Default: commented out/disabled

      securityProviderName

      Required if FIPS 140-2 compliance mode is enabled. The name of the FIPS 140-2 compliant provider. By default, HP Codar uses the RSA BSAFE provider and this property should be set to JsafeJCE.

      keySize

      Optional. The key size used for Codar encryption. By default, the key size is 128. If you manually enter a different key size when encrypting a password, uncomment this property and configure the value to the key size used to encrypt the passwords.

      Note All passwords must be encrypted using the same key size.

      By default, the password encryption utility encrypts all passwords using a key size of 128 (even if you do not specify a key size when running the utility).

      keystore

      Required if FIPS 140-2 compliance mode is enabled. The absolute path to and file name of the Codar encryption keystore. This is a PKCS #12 keystore that holds the key Codar uses to encrypt and decrypt its data.

      Example (using the same example name as in the Create a Codar Encryption Keystore section; that section belongs to the FIPS 140-2 Compliance chapter, which was removed from this guide because FIPS is not supported for 1.50):

      CSA_HOME/jboss-as/standalone/configuration/csa_encryption_keystore.p12

      Note Use only forward slashes (/) as your path separators.

      keyAlias

      Required if FIPS 140-2 compliance mode is enabled. The alias used to identify the Codar encryption key in the Codar encryption keystore.

      Example (using the same example name as in the Create a Codar Encryption Keystore section):

      csa_encryption_key

      keystorePasswordFile

      Required if FIPS 140-2 compliance mode is enabled. The absolute path to and file name of the Codar encryption keystore password file. This is a temporary file that stores the Codar encryption keystore password in clear text. It is required to start the Codar service and is deleted automatically once the service has started. Because the password is in clear text, create the file immediately before starting the service and restrict its permissions so that only the account that runs the Codar service can read it.

      The password file must contain only the following line:

      keystorePassword=<Codar encryption keystore password>

      where <Codar encryption keystore password> is the Codar encryption keystore password in clear text.

      Note Use only forward slashes (/) as your path separators.

      encryptedKeyFile

      Required if FIPS 140-2 compliance mode is enabled. The location of the Codar encrypted symmetric key.

      Example (using the same example name as in the Create a Codar Encryption Keystore section):

      CSA_HOME/jboss-as/standalone/configuration/key.dat

      Note Use only forward slashes (/) as your path separators.

      csaTruststore

      Required. The Codar keystore that stores trusted Certificate Authority certificates.

      Note This property is located in another section of the csa.properties file. Its description is repeated here as its value should be updated when HP Codar has been configured to be compliant with FIPS 140‑2.

      Example (using the same example name for the Codar server truststore as in Create HP Codar encryption keystore):

      CSA_HOME/jboss-as/standalone/configuration/csa_server_truststore.p12

      Note Use only forward slashes (/) as your path separators.

      csaTruststorePassword

      Required. The encrypted password of the Codar server truststore (see Encrypt password). An encrypted password is preceded by ENC, with no separating spaces, and is enclosed in parentheses.

      Default: No default specified

      Example

      ENC(9eC7TTnB0uGOGK5U648UITcEV5AuV5T)

      Note This property is located in another section of the csa.properties file. Its description is repeated here as its value should be updated when HP Codar has been configured to be compliant with FIPS 140‑2.

      This is the <Codar server truststore password> from Create HP Codar encryption keystore.

  3. Copy the property values from step 2b to the idm-service.properties file. The property values must be the same in both files. The file is located at:

     Windows: CSA_HOME\jboss-as\standalone\deployments\idm-service.war\WEB-INF\classes\idm-service.properties
     Linux:   CSA_HOME/jboss-as/standalone/deployments/idm-service.war/WEB-INF/classes/idm-service.properties
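The following script is an added example, not code from HP Codar or its documentation. It checks the two properties files against the rules in steps 2 and 3 above: enableHPSSO absent or false, useExternalProvider true, securityProviderName set to JsafeJCE, the required keystore properties present with forward-slash paths, csaTruststorePassword in ENC(...) form, the password file holding exactly one keystorePassword= line, and the FIPS property values identical in csa.properties and idm-service.properties. The helper functions, the sample file contents and the password-file name keystore.password are assumptions made for this example; the property names and rules are the page's own.

```python
"""Sanity-check the FIPS 140-2 properties described above.
Added example, not part of HP Codar or its documentation. Property names and rules
come from this page; helpers, sample files and the password-file name are constructed.
"""
import re
import sys
from typing import Dict, List

# Step 3: these values must be identical in csa.properties and idm-service.properties.
FIPS_KEYS = ["useExternalProvider", "securityProviderName", "keySize", "keystore",
             "keyAlias", "keystorePasswordFile", "encryptedKeyFile", "csaTruststore",
             "csaTruststorePassword"]
PATH_KEYS = ["keystore", "keystorePasswordFile", "encryptedKeyFile", "csaTruststore"]
REQUIRED_KEYS = PATH_KEYS + ["keyAlias", "csaTruststorePassword"]
ENC_RE = re.compile(r"^ENC\([A-Za-z0-9+/=]+\)$")  # ENC(...) with no spaces inside

def parse_properties(text: str) -> Dict[str, str]:
    """Minimal Java .properties reader: key=value or key:value; '#'/'!' comments.
    A commented-out line such as '#useExternalProvider=true' counts as absent, as the
    page describes. Line continuations are not handled (assumed single-line values).
    """
    props: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line[0] in "#!":
            continue
        m = re.match(r"^([^=:\s]+)\s*[=:]\s*(.*)$", line)
        if m:
            props[m.group(1)] = m.group(2).strip()
    return props

def check_fips_properties(props: Dict[str, str]) -> List[str]:
    """Apply the rules from the property table; an empty list means no findings."""
    findings: List[str] = []
    if props.get("enableHPSSO", "false").lower() != "false":
        findings.append("enableHPSSO must be false or commented out")
    if props.get("useExternalProvider", "false").lower() != "true":
        findings.append("useExternalProvider must be true to enable FIPS mode")
    if props.get("securityProviderName") != "JsafeJCE":
        findings.append("securityProviderName must be JsafeJCE (RSA BSAFE)")
    for key in REQUIRED_KEYS:
        if not props.get(key):
            findings.append(f"{key} is required in FIPS mode")
    for key in PATH_KEYS:
        if "\\" in props.get(key, ""):
            findings.append(f"{key} must use forward slashes only")
    if "keySize" in props and not props["keySize"].isdigit():
        findings.append("keySize must be an integer (the utility defaults to 128)")
    pw = props.get("csaTruststorePassword", "")
    if pw and not ENC_RE.match(pw):
        findings.append("csaTruststorePassword must be an encrypted ENC(...) value")
    return findings

def compare_property_sets(a: Dict[str, str], b: Dict[str, str]) -> List[str]:
    """Keys from FIPS_KEYS whose values differ between the two files (step 3)."""
    return [k for k in FIPS_KEYS if a.get(k) != b.get(k)]

def check_password_file(text: str) -> List[str]:
    """keystorePasswordFile must hold exactly one line: keystorePassword=<password>."""
    lines = [l for l in text.splitlines() if l.strip()]
    if len(lines) != 1 or not lines[0].startswith("keystorePassword="):
        return ["password file must contain only keystorePassword=<password>"]
    if not lines[0].split("=", 1)[1]:
        return ["keystorePassword value is empty"]
    return []

# Constructed sample files: 'keystore.password' is an assumed file name; the other
# values are the page's own examples.
CSA_PROPS = """\
#enableHPSSO=true
useExternalProvider=true
securityProviderName=JsafeJCE
keystore=CSA_HOME/jboss-as/standalone/configuration/csa_encryption_keystore.p12
keyAlias=csa_encryption_key
keystorePasswordFile=CSA_HOME/jboss-as/standalone/configuration/keystore.password
encryptedKeyFile=CSA_HOME/jboss-as/standalone/configuration/key.dat
csaTruststore=CSA_HOME/jboss-as/standalone/configuration/csa_server_truststore.p12
csaTruststorePassword=ENC(9eC7TTnB0uGOGK5U648UITcEV5AuV5T)
"""
IDM_PROPS = CSA_PROPS.replace("keyAlias=csa_encryption_key", "keyAlias=other_alias")
BAD_PROPS = (CSA_PROPS.replace("configuration/key.dat", "configuration\\key.dat")
             .replace("ENC(9eC7TTnB0uGOGK5U648UITcEV5AuV5T)", "plaintextpassword"))
PASSWORD_FILE = "keystorePassword=ChangeMe123\n"  # constructed, not a real secret

def run_checks(csa_text: str, idm_text: str, password_text: str) -> Dict[str, List[str]]:
    """Run every check and group the findings by file."""
    csa, idm = parse_properties(csa_text), parse_properties(idm_text)
    return {"csa.properties": check_fips_properties(csa),
            "idm-service.properties": check_fips_properties(idm),
            "mismatched": compare_property_sets(csa, idm),
            "password file": check_password_file(password_text)}

if __name__ == "__main__":
    # Pass csa.properties, idm-service.properties and the password file to check a real install.
    texts = ([open(p, encoding="utf-8").read() for p in sys.argv[1:]] if len(sys.argv) == 4
             else [CSA_PROPS, IDM_PROPS, PASSWORD_FILE])
    for section, findings in run_checks(*texts).items():
        print(f"{section}: {findings or 'OK'}")
```

Run it with no arguments to see the checks applied to the built-in samples (IDM_PROPS deliberately differs in keyAlias, so "mismatched" lists that key), or pass the three real file paths after stopping the service and before the password file is deleted at startup. Findings from check_password_file refer only to the file's shape; the script never prints the password itself.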