Certserver.tks.encrypteddata; D.6.2. Certserver.tks.group; D.6.3. Certserver.tks.importtransportcert; D.6.4. Certserver.tks.keysetdata - Red Hat CERTIFICATE SYSTEM 8.0 - ADMINISTRATION Admin Manual

There are access control rules set for the TKS's administrative console and for access by other
subsystems to the TKS.
D.6.1. certServer.tks.encrypteddata
Controls access to the key materials and encrypted data used by the TKS to derive keys.
allow (read) group="Token Key Service Manager Agents"
Operations Description
read View encrypted data stored in the TKS.
Table D.77. certServer.tks.encrypteddata ACL Summary

D.6.2. certServer.tks.group

Controls access to the internal database for adding users and groups for the TKS instance.
allow (modify,read) group="Administrators"
Operations Description
modify Create or edit user and group entries for the instance.
read View user and group entries for the instance.
Table D.78. certServer.tks.group ACL Summary

D.6.3. certServer.tks.importTransportCert

Controls who can import the transport certificate used by the TKS to deliver keys.
allow (modify,read) group="Enterprise CA Administrators" || group="Enterprise KRA
Administrators" || group="Enterprise OCSP Administrators" || group="Enterprise TKS
Administrators" || group="Enterprise TPS Administrators"
Operations Description
modify Update the TKS's transport certificate.
read View the TKS's transport certificate.
Table D.79. certServer.tks.importTransportCert ACL Summary

D.6.4. certServer.tks.keysetdata

Controls who can view information about key sets derived and stored by the TKS.

certServer.tks.encrypteddata

519