A provider is a centrally configured resource that supplies services to runtime components in the server. For example, a keystore provider centralizes the definition of one security keystore, including its type, file location, and password.
A provider is referenced by name in the components that require its services, which promotes reuse and simplifies each component's configuration.
One provider can refer to another provider. For example, the SSL provider requires keystore and truststore providers that it references by name.
The following is a list of providers and their functions.
Security Providers
Keystores. Standard repositories of security certificates that are used in encryption and digital signature operations.
SSL Context. Defines the parameters used for transport layer security. Incorporates required keystore providers.
Directory Certstore. Defines directories from which certificates and CRLs can be loaded into a certificate store.
Directory Provider. Directories house information organized by keys and context. The most commonly used directories are accessed through LDAP.
XML Namespace Map Provider. Defines a set of xmlns prefixes and URIs for XML namespaces. Used by components such as XMLDSig Services.
Pooling Provider. The HTTP Client provider allows HTTP connections to be shared among iSM components. An instance of the HTTP Client Provider represents a pool of connections.
The following is a list of the security providers and their functions:
Keystore. A database of key material used for authentication and data integrity checks. Some keystores can contain both encryption keys and security certificates. Formally, however, a keystore holds the private key for one or more PKI key pairs.
Truststore. A database of key material, the same as a keystore. It holds the public certificates of trusted partners. Although it is possible to share a single file with the keystore, formally a truststore and a keystore are separate entities.
Certstore. A database of public key certificates and Certificate Revocation Lists (CRLs) used for CRL checking.