RSA Product Set: Access Manager
RSA Version/Condition: 5.5
Changing the key server parameter cleartrust.keyserver.token_lifetime in a live environment with multiple key servers has the potential to disrupt currently authenticated users. How can this be done with minimal impact on user's web session experience?
During the configuration update process, ensure that all RSA ClearTrust Web Agents have their cleartrust.agent.idle_timeout set to match the lowest value of cleartrust.keyserver.token_lifetime in the keyserver.conf file.