Cryptographic token settings
Use this page to configure cryptographic token settings. A cryptographic token is a hardware or software device with a built-in key store implementation. The cryptographic device is used to manage certificates stored on the cryptographic tokens. These devices are also known as smartcards.
The following types of cryptographic accelerators are supported by WebSphere Application Server:
- A cryptographic hardware device that is without a persistent key storage.
- Secure cryptographic hardware, where a cryptographic token generates and securely stores the private key used for SSL key exchange.
To view this administrative console page, click Security > SSL > alias_name. Under Additional Properties, click Cryptographic token.
Configuration tab
- Token type
Specifies the type of built-in keystore file that is implemented in the cryptographic token, such as PKCS#11.
The WAS uses an implementation of Java Secure Socket Extension (JSSE) to support cryptographic token with Secure Sockets Layer (SSL). Different cryptographic devices are supported. For an SSL server, the following devices are supported:
- IBM 4758-23
- nCipher nForce
- Rainbow Cryptoswift
For an SSL client, the following devices are supported:
- IBM 4758-23
- nCipher nForce
- Rainbow Cryptoswift
- IBM Security Kit Smartcard
- GemPlus Smartcards
- Rainbow iKey 1000/2000 (USB "Smartcard" device)
- Eracom CSA8000
Follow the documentation that accompanies your device to install your cryptographic token.
Data type: String - Library file
Dynamic link library (DLL) or shared object that implements the interface to the cryptographic token device.
Data type: String - Password
Specifies the password for the cryptographic token device.
Data type: String