Create a keystore configuration
Overview
A SSL configuration references keystore configurations during WAS runtime. Whether a keystore file was created by another keystore tool or saved from a previous configuration, the file must be part of a keystore configuration object. You can create a keystore configuration for the existing keystore object.
A keystore must already exist.
Complete the following steps in the console:
Procedure
- Click...
Security | SSL certificate and key management | Manage endpoint security configurations | {Inbound | Outbound} | SSL_configuration | Key stores and certificates | New
- Type a name in the Name field. This name uniquely identifies the keystore in the configuration.
- Type the location of the keystore file in the Path field. The location can be a file name or a file URL to an existing keystore file.
- Type the keystore password in the Password field. This password is for the keystore file specified in the Path field.
- Type the keystore password again in the Confirm Password field to confirm the password.
- Select a keystore type from the list. The type that you select is for the keystore file specified in the Path field.
- Select any of the following optional selections:
- The Read only selection creates a keystore configuration object but does not create a keystore file. If this option is selected, the keystore file specified in the Path field must already exist.
- The Initialize at startup selection initializes the keystore during runtime.
- Click Apply and Save.
Results
You have created a keystore configuration object for the keystore file specified. This keystore can now be used in an SSL configuration.
What to do next
You can create additional keystore configurations, as needed.
Configure a hardware cryptographic keystore
Manage keystore configurations remotely
Key stores and certificates collection
Key store settings
Key managers collection
Key managers settings
Related concepts
Keystore configurations
Secure Sockets Layer configurations
Related Reference
Key stores and certificates exchange signers