mosip · lalithkota · Jun 14, 2025
diff --git a/...-service/src/main/java/io/mosip/kernel/keymanagerservice/constant/KeymanagerConstant.java b/...-service/src/main/java/io/mosip/kernel/keymanagerservice/constant/KeymanagerConstant.java
@@ -163,8 +163,6 @@ private KeymanagerConstant() {
 	 */
 	public static final String KS_PK_NA = "NA";
 
-	public static final String ROOT = "ROOT";
-
 	public static final String REQ_SYM_KEY_GEN = "Request for Symmetric Key Generation.";
 
 	public static final int SYMMETRIC_KEY_VALIDITY = 365 * 10;

diff --git a/...e/src/main/java/io/mosip/kernel/keymanagerservice/service/impl/KeymanagerServiceImpl.java b/...e/src/main/java/io/mosip/kernel/keymanagerservice/service/impl/KeymanagerServiceImpl.java
@@ -293,7 +293,7 @@ private CertificateInfo<X509Certificate> getCertificateFromDBStore(String applic
 					}
 				});
 			}
-			if (applicationId.equalsIgnoreCase(KeymanagerConstant.ROOT)){
+			if (applicationId.equalsIgnoreCase(rootKeyApplicationId)){
 				LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.APPLICATIONID, null,
 								"Not Allowed to generate Base Key for Root Key.");
 				throw new KeymanagerServiceException(KeymanagerErrorConstant.GENERATION_NOT_ALLOWED.getErrorCode(),
@@ -306,7 +306,7 @@ private CertificateInfo<X509Certificate> getCertificateFromDBStore(String applic
 								KeymanagerErrorConstant.GENERATION_NOT_ALLOWED.getErrorMessage());
 			}
 			if (applicationId.equalsIgnoreCase(KeymanagerConstant.PARTNER_APP_ID)){
-				LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.KERNEL_APP_ID, null,
+				LOGGER.error(KeymanagerConstant.SESSIONID, KeymanagerConstant.PARTNER_APP_ID, null,
 								"Not Allowed to generate Keys for PARTNER App Id.");
 				throw new KeymanagerServiceException(KeymanagerErrorConstant.GENERATION_NOT_ALLOWED.getErrorCode(),
 								KeymanagerErrorConstant.GENERATION_NOT_ALLOWED.getErrorMessage());

diff --git a/...rc/main/java/io/mosip/kernel/partnercertservice/constant/PartnerCertManagerConstants.java b/...rc/main/java/io/mosip/kernel/partnercertservice/constant/PartnerCertManagerConstants.java
@@ -93,7 +93,5 @@ public interface PartnerCertManagerConstants {
 
 	String FTM_PARTNER_DOMAIN = "FTM";
 
-	String ROOT_APP_ID = "ROOT";
-
 	String AUTH_DOMAIN = "AUTH";
 }
diff --git a/...io/mosip/kernel/partnercertservice/service/impl/PartnerCertificateManagerServiceImpl.java b/...io/mosip/kernel/partnercertservice/service/impl/PartnerCertificateManagerServiceImpl.java
@@ -86,6 +86,9 @@ public class PartnerCertificateManagerServiceImpl implements PartnerCertificateM
 
     private static final Logger LOGGER = KeymanagerLogger.getLogger(PartnerCertificateManagerServiceImpl.class);
 
+    @Value("${mosip.root.key.applicationid:ROOT}")
+    private String rootKeyApplicationId;
+
     @Value("${mosip.kernel.partner.sign.masterkey.application.id}")
     private String masterSignKeyAppId;
 
@@ -397,7 +400,7 @@ public PartnerCertificateResponseDto uploadPartnerCertificate(PartnerCertificate
         String certId = UUID.randomUUID().toString();
 
         X509Certificate rootCert = (X509Certificate) keymanagerUtil.convertToCertificate(
-                                        keymanagerService.getCertificate(PartnerCertManagerConstants.ROOT_APP_ID, 
+                                        keymanagerService.getCertificate(rootKeyApplicationId,
                                                         Optional.of(PartnerCertManagerConstants.EMPTY)).getCertificate());
         String timestamp = DateUtils.getUTCCurrentDateTimeString();
         SignatureCertificate certificateResponse = keymanagerService.getSignatureCertificate(masterSignKeyAppId,

diff --git a/...el/keys-generator/src/main/java/io/mosip/kernel/keygenerator/generator/KeysGenerator.java b/...el/keys-generator/src/main/java/io/mosip/kernel/keygenerator/generator/KeysGenerator.java
@@ -29,8 +29,6 @@ public class KeysGenerator {
 
     private static final Logger LOGGER = Logger.getLogger(KeysGenerator.class.getName());
 
-    private static final String ROOT_APP_ID = "ROOT";
-
     private static final String BLANK_REF_ID = "";
 
     //private static final String MOSIP_CN = "MOSIP-";
@@ -39,6 +37,9 @@ public class KeysGenerator {
 
     private static final String IDENTITY_CACHE_REF_ID = "IDENTITY_CACHE";
 
+    @Value("${mosip.root.key.applicationid:ROOT}")
+    private String rootKeyApplicationId;
+
     @Value("${mosip.kernel.keymanager.autogen.appids.list}")
     private String appIdsList;
 
@@ -90,9 +91,9 @@ public class KeysGenerator {
     public void generateKeys() throws Exception {
 
         // Not required to check for key exists or not, because keymanager is checking key exists before generating new key.
-        //String rootKeyAlias = getKeyAlias(ROOT_APP_ID, BLANK_REF_ID);
+        //String rootKeyAlias = getKeyAlias(rootKeyApplicationId, BLANK_REF_ID);
         //if (Objects.isNull(rootKeyAlias)) {
-        generateMasterKey(ROOT_APP_ID, BLANK_REF_ID, rootCommonName);
+        generateMasterKey(rootKeyApplicationId, BLANK_REF_ID, rootCommonName);
         LOGGER.info("Generated ROOT Key.");
         //}
 
@@ -144,7 +145,7 @@ public void generateKeys() throws Exception {
 
     private List<String> getListKeys() {
         return Stream.of(appIdsList.split(",")).map(String::trim)
-                .filter(appId -> !appId.equalsIgnoreCase(ROOT_APP_ID))
+                .filter(appId -> !appId.equalsIgnoreCase(rootKeyApplicationId))
                 .collect(Collectors.toList());
     }
 
@@ -186,7 +187,7 @@ private void generateMasterKey(String appId, String refId, String commonName){
         requestDto.setReferenceId(refId);
         requestDto.setForce(false);
         requestDto.setCommonName(commonName);
-        String componentName = appId.equalsIgnoreCase(ROOT_APP_ID) ? "" : " (" + appId.toUpperCase() + ")";
+        String componentName = appId.equalsIgnoreCase(rootKeyApplicationId) ? "" : " (" + appId.toUpperCase() + ")";
         requestDto.setOrganizationUnit(organizationUnit + componentName);
         requestDto.setOrganization(organization);
         requestDto.setLocation(location);

diff --git a/kernel/keys-migrator/src/main/java/io/mosip/kernel/migrate/impl/BaseKeysMigrator.java b/kernel/keys-migrator/src/main/java/io/mosip/kernel/migrate/impl/BaseKeysMigrator.java
@@ -78,8 +78,6 @@ public class BaseKeysMigrator {
 
     private static final Logger LOGGER = KeymanagerLogger.getLogger(BaseKeysMigrator.class);
 
-    private static final String ROOT_APP_ID = "ROOT";
-
     private static final String BLANK_REF_ID = "";
 
     private static final String KERNEL_APP_ID = "KERNEL";
@@ -88,6 +86,9 @@ public class BaseKeysMigrator {
 
     private static final String PARTNER_APP_ID = "PARTNER";
 
+    @Value("${mosip.root.key.applicationid:ROOT}")
+    private String rootKeyApplicationId;
+
     @Value("${mosip.kernel.keymanager.autogen.appids.list}")
     private String appIdsList;
 
@@ -297,7 +298,7 @@ private void uploadKeyToNewKeyMgr(Optional<KeyAlias> keyAliasObj, String encrypt
 
     private List<String> getMasterKeysList() {
         return Stream.of(appIdsList.split(",")).map(String::trim)
-               .filter(appId -> !appId.equalsIgnoreCase(ROOT_APP_ID))
+               .filter(appId -> !appId.equalsIgnoreCase(rootKeyApplicationId))
                .collect(Collectors.toList());
     }