Key managers settings


To define key managers implementation settings. A key manager gets invoked during an SSL handshake to determine the certificate alias to be used. The default key manager (WSX509KeyManager) performs alias selection. If more advanced function is desired, a custom key manager can be specified here and selected in the SSL configuration.

To view this admin console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Key managers. Then click the New button.

Name

Name of the key manager, which we can select on the SSL configuration panel.

Data type: Text

Standard

Specifies the key manager selection that is available from a Java™ provider that is installed in the java.security file. This provider might be shipped by Java Secure Sockets Extension (JSSE) or be a custom provider that implements an X509KeyManager interface.

Default: Enabled

Provider

Provider name that has an implementation of an X509KeyManager interface. This provider is typically set to IBMJSSE2.

Data type: Text
Default: IBMJCE

Algorithm

Algorithm name of the trust manager implemented by the selected provider.

Data type: Text
Default: IbmX509

Custom

The key manager selection is based on a custom implementation class that implements the javax.net.ssl.X509KeyManager interface and optionally the com.ibm.wsspi.ssl.KeyManagerExtendedInfo interface to obtain additional connection information not otherwise available.

Default: Disabled

Class name

Name of the key manager implementation class.

Data type: Text





 

Related tasks


Create an SSL configuration

 

Related


Key managers collection