ace00002.gif Managing the WebID Domain Secret


The domain cookies that you distribute to tokenholders must contain a unique identifier known as a domain secret. The domain secret is known to all the ACE/Agents in your domain that have the Domain Cookies feature enabled, and therefore must be the same on each machine.

The domain secret must be stored in the DomainData parameter of the aceagent.cfg file of every machine in the domain that has the Domain Cookies feature enabled.

Note: The domain secret data string must be 64 characters in length and can contain only the characters 0 through 9 and a through f (both upper and lower case are permitted).

For example, your domian secret will look similar to this: 2e8D115f90B5c6a. . .


To distribute the domain secret:

  1. Choose one server in the domain to be the domain cookie "source" machine. You will copy this machine's domain secret to the rest of the servers that will distribute domain cookies.
  2. cd to the /netscape_home_directory/plugins/aceagent directory.
  3. Using a text editor, such as vi, open the aceagent.cfg file.
  4. Delete the existing string value in DomainData parameter.
  5. Enter a 64-character string of random data in the DomainData parameter.
    This string can contain only the characters 0 through 9, and a through f (both upper and lower case are permitted).
  6. Write down the 64-character string or copy it to the clipboard.
  7. Save and close the aceagent.cfg file.
  8. Go or telnet to another Web server that will have the Domain Cookies feature enabled.
    Note: All ACE/Agent administration should be done over a secure connection. Do not send or ftp the domain secret in clear text.
  9. Open the aceagent.cfg file
  10. In the DomainData parameter, enter or paste in the 64-character domain secret data string.
  11. Save and close the file.
  12. Repeat steps 6-8 on each server in the domain that will have the Domain Cookies feature enabled.
  13. If you have written down the domain secret, destroy the paper on which it is written.

Domain Cookies