This Method forces a key update prior to expiration of KeyLifetime, i.e. it initiates an unplanned key rotation. The future keys of this SecurityGroup remain valid.
InvalidateKeys makes all keys invalid immediately and most likely this causes communication interruptions. The ForceKeyRotation Method allows faster rotation of keys without breaking communication e.g. for removing applications from a UDP multicast group.
If the SecurityGroup is related to one or more PushTargets, the SKS shall push an updated set of keys to all PushTargets.
The Client shall be authorized to modify the configuration for the SKS functionality and shall use at least a signed communication channel when invoking this Method on the Server.
Signature
ForceKeyRotation ();
Method Result Codes
ResultCode |
Description |
Bad_UserAccessDenied |
The Session user is not allowed force key rotation on this SecurityGroup. |
Bad_SecurityModeInsufficient |
The communication channel is not using signing. |
Table 215 specifies the AddressSpace representation for the ForceKeyRotation Method.
Table 215 – ForceKeyRotation Method AddressSpace definition
Attribute |
Value |
BrowseName |
ForceKeyRotation |
ConformanceUnits |
|
PubSub Model SKS |