Key managers settings
Use this page to define key managers implementation settings. A key manager gets invoked during an SSL handshake to determine the certificate alias to be used. The default key manager (WSX509KeyManager) performs alias selection. If more advanced function is desired, a custom key manager can be specified here and selected in the SSL configuration.
To view this console page, click Security > SSL certificate and key management > Manage endpoint security configurations > Inbound | Outbound > SSL_configuration_name. Under Related items, click Key managers > New.
Configuration tab
- Name
- Name of the key manager, which you can select on the SSL configuration panel.
Data type: Text
- Standard
Specify the key manager selection that is available from a Java provider that is installed in the java.security file. This provider might be shipped by Java Secure Sockets Extension (JSSE) or be a custom provider that implements an X509KeyManager interface.
Default: Enabled
- Provider
Provider name that has an implementation of an X509KeyManager interface. This provider is typically set to IBMJSSE2.
Data type: Text Default: IBMJCE
- Algorithm
Specify the algorithm name of the trust manager implemented by the selected provider.
Data type: Text Default: IbmX509
- Custom
Specify that the key manager selection is based on a custom implementation class that implements the javax.net.ssl.X509KeyManager interface and optionally the com.ibm.wsspi.ssl.KeyManagerExtendedInfo interface to obtain additional connection information not otherwise available.
Default: Disabled
- Class name
- Name of the key manager implementation class.
Data type: Text
Related tasks
Creating a Secure Sockets Layer configuration
Related Reference
Key managers collection
Reference topic