Dynamic outbound endpoint SSL settings


To set properties for dynamic outbound endpoint SSL configurations, which represent associations between SSL configurations and their target protocol, host, and port.

To view this admin console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Dynamic [inbound | outbound] endpoint SSL configurations. Then click the New button.

When an outbound connection is attempted, this association is checked ahead of the SSL configuration scope association. This means based on the target protocol,host,port, the outbound SSL configuration used can be different than the default specified in the SSL scope configuration.

Name

Unique name of the dynamic endpoint configuration.

Data type: Text

Description

Specifies text that describes the purpose of this dynamic selection criteria.

Data type: Text

Add connection information

Specifies select information in the form protocol,host,port for the outbound connection. Multiple selection criteria can be entered. An asterisk (*) can be used to mean all protocols, hosts, or ports. Use an * for any field.

Data type: Text

An example of selection criteria is *,www.ibm.com,*, which means that any time the target host is www.ibm.com, use the SSL configuration specified here. Another example selection criteria is IIOP,*,*, which means that any outbound IIOP request uses the SSL configuration specified in the SSL configuration field. When there is a conflict between two selection criteria, the appserver uses the first match. The list of valid protocols we can use include: IIOP, HTTP, JMS, LDAP, SIP, ADMIN_SOAP, ADMIN_IIOP, or WEBSERVICES_HTTP.

Add

Specifies to add the selected information from the Add select information menu to the right-hand list.

Remove

Specifies to remove the selection from the right-hand list.

SSL Configuration

SSL configuration to be used by requests at this scope when a match occurs for the given selection criteria.

Data type: Text

Get certificate alias

When selected, the keystore within the selected SSL configuration is queried for a list of personal certificates from which to choose.

Certificate alias

Certificate alias used as the identity for the connection.

If we select None, the Java™ Secure Sockets Extension (JSSE) key manager determines which certificate is used. If multiple certificates exist in the keystore, the key manager might not consistently select the same certificate.

Data type: Text
Default: (none)





 

Related tasks


Create an SSL configuration

 

Related


Dynamic inbound and outbound endpoint SSL configurations collection