ENTERPRISE  This is an EJBCA Enterprise feature.

The service periodically downloads public keys for the configured provider(s) and updates the internal configuration accordingly. The main purpose of this service is to automatically handle provider key rollover, especially in environments where rollover may be sudden and out of control of an EJBCA administrator.  The selected providers must have Public Key input method set to Provide Key Config URL and have a valid URL configured. For configuration details, see OAuth Provider Management.

Setting

Description

Providers to Check

Select the configured provider(s) to update keys for.

Period

How often the service should update public keys from the provider. The rollover period varies between providers. For example, Azure recommends 24h intervals, see Microsoft docs on Signing key rollover in the Microsoft identity platform.

Active

Select to activate the service.

When the service is executed, there will be log entries showing if the update was successful and listing the updated keys.