Use this page to set properties for dynamic outbound endpoint SSL configurations, which represent associations between SSL configurations and their target protocol, host, and port.
To view this administrative console page, click Security > SSL certificate and key management > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration . Under Related items, click Dynamic [inbound | outbound] endpoint SSL configurations > New.
When an outbound connection is attempted, this association is checked ahead of the Secure Sockets Layer (SSL) configuration scope association. This means based on the target protocol,host,port, the outbound SSL configuration used can be different than the default specified in the SSL scope configuration.
Specifies the unique name of the dynamic endpoint configuration.
Data type: | Text |
Specifies text that describes the purpose of this dynamic selection criteria.
Data type: | Text |
Specifies select information in the form protocol,host,port
for the outbound connection. Multiple selection criteria can be entered. All of the connection information for dynamic outbound
selection might not be available, and you may have to adjust the dynamic
outbound selection connection filter and fill in an asterisk (*) for
the missing part of the connection information.
An asterisk (*)
can be used to mean all protocols, hosts, or ports. You can use an
asterisk (*) for any field.
Data type: | Text |
An example of selection criteria is *,www.ibm.com,*, which means that any time the target host is www.ibm.com, you must use the SSL configuration specified here. Another example selection criteria is IIOP,*,*, which means that any outbound IIOP request uses the SSL configuration that is specified in the SSL configuration field. When there is a conflict between two selection criteria, the application server uses the first match. The list of valid protocols you can use include: IIOP, HTTP, JMS, LDAP, SIP, ADMIN_SOAP, ADMIN_IIOP, or WEBSERVICES_HTTP.
When user written applications are expecting to take
advantage of dynamic outbound selections, know that not all connection
information may be available. For example, the openConnection() call
on an URL object ultimately calls createSocket(java.net.Socket
socket, String host, int port, boolean autoClose). The connection
information can be built with the host and port provided, but there
is no protocol provided. In this case, a wild card, an asterisk (*),
should be used for the protocol part of the dynamic selection connection
information.
Specifies to add the selected information from the Add select information menu to the right-hand list.
Specifies to remove the selection from the right-hand list.
Specifies the SSL configuration to be used by requests at this scope when a match occurs for the given selection criteria.
Data type: | Text |
When selected, the keystore within the selected SSL configuration is queried for a list of personal certificates from which to choose.
Specifies the certificate alias that is used as the identity for the connection.
If you select None, the Java Secure Sockets Extension (JSSE) key manager determines which certificate is used. If multiple certificates exist in the keystore, the key manager might not consistently select the same certificate.
Data type: | Text |
Default: | (none) |