Trust and key managers settings

To specify trust and key managers for the selected SSL configuration.

To view this admin console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items click SSL configurations > SSL_configuration_name. Under Additional Properties click Trust and key managers.

The appserver checks the default trust managers first before checking the additional ordered trust managers in descending order.

Default trust manager

Default trust manager. The default trust manager is IbmPKIX, which can be selected when certificate revocation checks must be made using the X509Certificate CRL distribution list. The other default trust manager is IbmX509.

Data type: Text
Default: ibmPKIX

Additional ordered trust managers

Specifies additional trust managers that are used in the order shown for this SSL configuration.


Specifies to add the selection to the Additional ordered trust managers right-hand list.


Specifies to remove the selection from the Additional ordered trust managers right-hand list.

Key manager

Specifies the key manager that runs for this SSL configuration.

Data type: Text
Default: IbmX509


Related tasks

Create an SSL configuration



SSL configurations collection