SSL configuration settings

Use this page to define Secure Sockets Layer (SSL) configuration properties.

To view this administrative console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > nodes name. Under Related items, click SSL configurations > New.

Name

Specifies the unique name of the SSL configuration within the management scope in which it resides. For ways to programmatically access the properties that are configured for this SSL configuration, see the com.ibm.websphere.ssl.JSSEHelper application programming interface (API).

Information Value
Data type: Text
[z/OS]

Keyring name

Specifies the name of the keyring for the System SSL configuration. This field implies the keystore and trust store.

This field applies to System SSL repertoires only

[AIX Solaris HP-UX Linux Windows][IBM i]

Trust store name

Specifies a reference to a specific trust store used by Java Secure Sockets Extension (JSSE). The trust store holds signer certificates that validate the trust of certificates sent by remote connections during an SSL handshake.

Information Value
Data type: Text
Default: selected trust store
[AIX Solaris HP-UX Linux Windows][IBM i]

Key store name

Specifies a reference to a specific key store. The key store holds personal certificates that represent the identity of one side of a connection. The public key of this personal certificate is sent to the other side of the connection to establish trust during the handshake. The remote side of the connection needs the root certificate authority (CA) certificate or self-signed public key (signer) to be in the trust store to validate this personal certificate.

Information Value
Data type: Text
Default: selected key store
[AIX Solaris HP-UX Linux Windows][IBM i]

Get certificate aliases

Queries the keystore for the aliases of all the personal certificates in the keystore from which to choose.

[AIX Solaris HP-UX Linux Windows][IBM i]

Default server certificate alias

Specifies the certificate alias used as the identity for this SSL configuration if one has not been specified elsewhere.

If you select None, the Java Secure Sockets Extension (JSSE) key manager determines which certificate is used. If multiple certificates exist in the key store, the key manager might not consistently select the same certificate.

Information Value
Data type: Text
[AIX Solaris HP-UX Linux Windows][IBM i]

Default client certificate alias

Specifies the certificate alias to be used if this configuration is to be used as a client.

If you select None, the Java Secure Sockets Extension (JSSE) key manager determines which certificate is used. If multiple certificates exist in the key store, the key manager might not consistently select the same certificate.

Information Value
Data type: Text
[AIX Solaris HP-UX Linux Windows][IBM i]

Management scope

Specifies the scope where this SSL configuration is visible. For example, if you choose a specific node, then the configuration is visible only on that node and on any servers that are part of that node.

Information Value
Data type: Text
Reference topic    

Terms and conditions for information centers | Feedback

Last updated: April 20, 2014 08:46 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=phil&product=was-nd-mp&topic=usec_sslconfigprops
File name: usec_sslconfigprops.html