Key managers settings

To define key managers implementation settings. A key manager gets invoked during an SSL handshake to determine the certificate alias to be used. The default key manager (WSX509KeyManager) performs alias selection. If more advanced function is desired, a custom key manager can be specified here and selected in the SSL configuration.

To view this admin console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Key managers. Then click the New button.


Name of the key manager, which we can select on the SSL configuration panel.

Data type: Text


Specifies the key manager selection that is available from a Java™ provider that is installed in the file. This provider might be shipped by Java Secure Sockets Extension (JSSE) or be a custom provider that implements an X509KeyManager interface.

Default: Enabled


Provider name that has an implementation of an X509KeyManager interface. This provider is typically set to IBMJSSE2.

Data type: Text
Default: IBMJCE


Algorithm name of the trust manager implemented by the selected provider.

Data type: Text
Default: IbmX509


The key manager selection is based on a custom implementation class that implements the interface and optionally the interface to obtain additional connection information not otherwise available.

Default: Disabled

Class name

Name of the key manager implementation class.

Data type: Text


Related tasks

Create an SSL configuration



Key managers collection