Before you begin
The first step in configuring Secure Sockets Layer (SSL) is to define an SSL configuration repertoire. A repertoire contains the details necessary for building an SSL connection, such as the location of the key files, their type and the available ciphers. WebSphere Application Server provides a default repertoire called DefaultSSLSettings. To view this page in the administrative console, click Security > SSL to see the list of SSL repertoire settings.Why and when to perform this task
The appropriate repertoire is referenced during the configuration of a service that sends and receives requests encrypted using SSL, such as the Web and enterprise beans containers. If an SSL configuration alias is referenced elsewhere, but the alias is deleted from the SSL Configuration Repertoires panel, the SSL connection fails if the deleted alias is accessed.With the SSL configuration repertoire, administrators can define SSL settings to use for making Hypertext Transfer Protocol with SSL (HTTPS), Internet InterORB Protocol with SSL (IIOPS) or Lightweight Directory Access Protocol with SSL (LDAPS) connections. You can pick one of the SSL settings defined here from any location within the administrative console, which supports SSL connections. This selection simplifies the SSL configuration process because you can reuse many of these SSL configurations by specifying the alias in multiple places.
Steps for this task
If you are using a Federal Information Processing Standards (FIPS)-supported Java Secure Socket Extension (JSSE), you must select High from the Security Level menu.
Use IBMJSSEFIPS only if you are using the Transport Layer Security (TLS) protocol and not the Secure Sockets Layer (SSL) protocol. See Configuring Federal Information Processing Standard Java Secure Socket Extension files for more information
On the HP-UX
platform, WebSphere Application Server uses the Sun JSSE framework and provider.
The Sun JSSE framework is not pluggable for export control reasons. The lack
of pluggability within the Sun JSSE framework prohibits WebSphere Application
Server from using the IBMJSSE or the IBMJSSEFIPS provider. The Sun JSSE framework
is part of the core IBM Developer Kit for HP-UX, Java Technology Edition,
Version 1.4.x, which is located in the java/jre/lib/jsse.jar file. Configure the JSSE
provider as a custom provider.
If you are not using the predefined providers, a custom provider might require additional properties to be configured, which are determined by the provider. If so, click Apply, then Custom Properties > New in the Additional Properties section. After the custom provider is configured, return to the SSL Configuration Repertoires window and continue with these instructions.
Results
You included additional SSL configuration repertoires with the default DefaultSSLSettings repertoire.Example
What to do next
For the changes to take effect, restart the server after saving the configuration.