When having extra Agent keys in the key store, how Siteminder pickup/selects the Agent Keys from keystore ?
a. Does SM picks the top 4 Agent Keys from the keyStore all the time ? or is it bottom 4 keys or is it completely random selection?
b. Agent Tracing is turned ON, but not seeing which Agent Keys its using to decrypt. Is there a different log that will help understand which key its using?
I doubt the Agent tracing is friendly enough to divulge that level of Info.
Ideally we should try to clean up the duplicate keys. How to Clean up a SiteMinder Key Store? - CA Knowledge
My experience is that it is Random and once it is loaded in the Cache, it really depends on what type of Keys Dynamic OR Static keys, followed by the frequency of update which would then update the Cache.
Thanks Hubert. Agree, cleanup is the way to go. But trying to understand from PS behavior perspective on how it handles extra Agent Keys (in case of Static keys).