Specifies the name-value pairs that you can use to configure additional
SSL settings beyond those available in the com.ibm.ssl.protocol administrative
interface.
This value is the SSL protocol used (including its version). The possible
values are SSL, SSLv2, SSLv3, TLS, or TLSv1. The default value, SSL, is backward-compatible
with the other SSL protocols.
- com.ibm.ssl.keyStoreProvider
- The name of the key store provider to use. Specify one of the security
providers listed in your java.security file, which has a keystore
implementation. The default value is IBMJCE.
- com.ibm.ssl.keyManager
- The name of the key management algorithm to use. Specify any key management
algorithm that is implemented by one of the security providers listed in your java.security file.
The default value is IbmX509.
- com.ibm.ssl.trustStoreProvider
- The name of the trust store provider to use. Specify one of the security
providers listed in your java.security file, which has a truststore
implementation. The default value is IBMJCE.
- com.ibm.ssl.trustManager
- The name of the trust management algorithm to use. Specify any trust management
algorithm that is implemented by one of the security providers listed in your java.security file.
The default value is IbmX509.
- com.ibm.ssl.trustStoreType
- The type or format of the truststore file. The possible values are JKS,
PKCS12, JCEK. The default value is JKS.
- com.ibm.ssl.enabledCipherSuites
- The list of cipher suites to enable. By default, this is not set and the
set of cipher suites used is determined by the value of the security level
(high, medium, or low). A cipher suite is a combination of cryptographic algorithms
used for an SSL connection. Enter a space-separated list of any of the following
cipher suites:
- SSL_RSA_WITH_RC4_128_MD5
- SSL_RSA_WITH_RC4_128_SHA
- SSL_RSA_WITH_DES_CBC_SHA
- SSL_RSA_WITH_3DES_EDE_CBC_SHA
- SSL_DHE_RSA_WITH_DES_CBC_SHA
- SSL_DHE_RSA_WITH_3DES_EDE_CBC_SHA
- SSL_DHE_DSS_WITH_DES_CBC_SHA
- SSL_DHE_DSS_WITH_3DES_EDE_CBC_SHA
- SSL_RSA_EXPORT_WITH_RC4_40_MD5
- SSL_RSA_EXPORT_WITH_DES40_CBC_SHA
- SSL_RSA_EXPORT_WITH_RC2_CBC_40_MD5
- SSL_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA
- SSL_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA
- SSL_RSA_WITH_NULL_MD5
- SSL_RSA_WITH_NULL_SHA
- SSL_DH_anon_WITH_RC4_128_MD5
- SSL_DH_anon_WITH_DES_CBC_SHA
- SSL_DH_anon_WITH_3DES_EDE_CBC_SHA
- SSL_DH_anon_EXPORT_WITH_RC4_40_MD5
- SSL_DH_anon_EXPORT_WITH_DES40_CBC_SHA