Based on the default installations of the application server and the DataPower® appliance manager, secure sockets layer (SSL) communication is used to send commands and receive events. The default SSL configuration used by the DataPower appliance manager can be strengthened by customizing the SSL connection. Modifying the default SSL configuration is optional and only needs to be done if the default configuration is not sufficient for your requirements.
SSL is used to send commands to each known appliance manager. In this scenario, the application server and the DataPower appliance manager behave as the SSL client and the DataPower appliances are acting as the SSL servers. This SSL connection uses the ibmPKIX trustmanager to do some verification of the DataPower appliance. Neither the certificate chain nor the revocation list for the certificate of the DataPower appliance are checked. The default configuration also does not do any SSL client validation for this scenario.
SSL is also used for the events received by the application server and the DataPower appliance manager from each DataPower appliance being managed. In this scenario, the application server and the DataPower appliance manager is the SSL server and the DataPower appliances are the SSL client. SSL client validation is also not performed in this scenario by default.