Trust and key managers settings
Use this page to specify trust and key managers for the selected SSL configuration.
To view this console page, click Security > SSL certificate and key management > Manage endpoint security configurations > Inbound | Outbound > SSL_configuration_name. Under Related items click SSL configurations > SSL_configuration_name | New. Under Additional Properties click Trust and key managers.
The appserver checks the default trust managers first before checking the additional ordered trust managers in descending order.
Configuration tab
- Default trust manager
Specify the default trust manager, which is typically the IbmX509 trust manager by the IBMJSSE2 provider. The other default trust manager is IbmPKIX, which can be selected when certificate revocation checks must be made using the X509Certificate CRL distribution list. The IbmPKIX trust manager does not perform as well as the IbmX509 trust manager.
Data type: Text Default: ibmX509TrustManager
- Additional ordered trust managers
Specify additional trust managers that are used in the order shown for this SSL configuration.
- Add
Specify to add the selection to the Additional ordered trust managers right-hand list.
- Remove
Specify to remove the selection from the Additional ordered trust managers right-hand list.
- Key manager
Specify the key manager that runs for this SSL configuration.
Data type: Text Default: IbmX509KeyManager
Related tasks
Creating a Secure Sockets Layer configuration
Related Reference
SSL configurations collection
Reference topic