Managing digital certificates

Why and when to perform this task

Secure Sockets Layer (SSL) connections rely on the existence of digital certificates. A digital certificate reveals information about its owner, including their identity. During the initialization of an SSL connection, the server must present its certificate to the client for the client to determine the server identity. The client can also present the server with its own certificate for the server to determine the client identity. SSL is therefore, a means of propagating identity between components. Refer to Configuring Secure Sockets Layer and Creating a Secure Sockets Layer repertoire configuration entry.

A client can trust the contents of a certificate if that certificate is digitally signed by a trusted third party. A Certificate Authority (CA) acts as a trusted third party and signs certificates on the basis of its knowledge of the certificate requestor. Complete the following steps to manage digital certificates using either the key management utility (iKeyman) or the keytool utility:

Example

What to do next

Once you finish configuring security, perform the following steps to save, synchronize, and restart the servers:
  1. Click Save in the administrative console to save any modifications to the configuration.
  2. Synchronize the configuration with all node agents (Network Deployment only).
  3. Once synchronized, stop all servers and restart them.

Related concepts
Secure Sockets Layer
Related tasks
Configuring Secure Sockets Layer
Configuring IBM HTTP Server for secure sockets layer mutual authentication
Configuring the Web server plug-in for Secure Sockets Layer
Creating a Secure Sockets Layer repertoire configuration entry



Searchable topic ID:   tsecmngcert
Last updated: Jun 21, 2007 4:12:58 PM CDT    WebSphere Application Server Express, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.exp.doc/info/exp/ae/tsec_mngcert.html

Library | Support | Terms of Use | Feedback