SSL configuration settings

Use this page to define Secure Sockets Layer (SSL) configuration properties.

To view this administrative console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > nodes name. Under Related items, click SSL configurations > New.

Name

Specifies the unique name of the SSL configuration within the management scope in which it resides. For ways to programmatically access the properties that are configured for this SSL configuration, see the com.ibm.websphere.ssl.JSSEHelper application programming interface (API).

Data type: Text

Trust store name

Specifies a reference to a specific trust store used by Java Secure Sockets Extension (JSSE). The trust store holds signer certificates that validate the trust of certificates sent by remote connections during an SSL handshake.

Data type: Text
Default: selected trust store

Key store name

Specifies a reference to a specific key store. The key store holds personal certificates that represent the identity of one side of a connection. The public key of this personal certificate is sent to the other side of the connection to establish trust during the handshake. The remote side of the connection needs the root certificate authority (CA) certificate or self-signed public key (signer) to be in the trust store to validate this personal certificate.

Data type: Text
Default: selected key store

Get certificate aliases

Queries the keystore for the aliases of all the personal certificates in the keystore from which to choose.

Default server certificate alias

Specifies the certificate alias used as the identity for this SSL configuration if one has not been specified elsewhere.

If you select None, the Java Secure Sockets Extension (JSSE) key manager determines which certificate is used. If multiple certificates exist in the key store, the key manager might not consistently select the same certificate.

Data type: Text

Default client certificate alias

Specifies the certificate alias to be used if this configuration is to be used as a client.

If you select None, the Java Secure Sockets Extension (JSSE) key manager determines which certificate is used. If multiple certificates exist in the key store, the key manager might not consistently select the same certificate.

Data type: Text

Management scope

Specifies the scope where this SSL configuration is visible. For example, if you choose a specific node, then the configuration is visible only on that node and on any servers that are part of that node.

Data type: Text



Related tasks
Creating a Secure Sockets Layer configuration
Related reference
SSL configurations collection
SecurityConfigurationCommands command group for the AdminTask object
Reference topic Reference topic    

Terms of Use | Feedback

Last updatedLast updated: Sep 19, 2011 7:16:32 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=matt&product=was-express-iseries&topic=usec_sslconfigprops
File name: usec_sslconfigprops.html