Select an SSL configuration alias directly from an endpoint configuration


We can associate a secure outbound endpoint with a new SSL configuration directly. If migrating from a release prior to version 6.1, WAS still supports configurations that were selected directly at an endpoint. Direct selection always overrides centrally managed configurations and preserves migrated configurations.

Select an SSL configuration alias directly at the following endpoints:

The central management of SSL configurations can be a more efficient strategy because multiple configurations can be contained within a single SSLConfigGroup. to convert configuration references that are already directly managed to centrally managed configurations, modify each endpoint individually. Use the AdminConfig.modify command to set the sslConfigAlias value to an empty string (""). Below is an example of doing this:

See on using this command, see Set processes using scripting

For more information on specific wsadmin commands that affect a repertoire as opposed to individual endpoints, see the SSLConfigGroupCommands group for the AdminTask here, SSLConfigGroupCommands group for AdminTask.

Complete the following steps in the admin console:

These steps provide an example to follow when you directly select any of the endpoints listed above.

 

  1. Click Security > Global security > RMI/IIOP security > CSIv2 outbound transport.

  2. Click Use specific SSL alias. When you identify a specific SSL alias, you override the centrally managed scope associations.

  3. Select an SSL configuration alias from the drop-down list.

  4. Click OK.

  5. Repeat these steps for additional protocols or endpoints, if desired.

 

Results

By associating the endpoint directly, we have overridden a centrally managed SSL configuration.

 

Next steps

If we decide to use management scopes instead of endpoints to associate an SSL configuration, follow the steps above, but click Centrally managed instead of Use specific SSL alias, then click Manage endpoint security configurations. The console is redirected to Security > SSL certificate and key management > Manage endpoint security configurations.


Dynamic outbound selection of SSL configurations
Central management of SSL configurations
SSL configurations