Trust managers collection


To define the implementation settings for the trust manager. A trust manager is a class that is invoked during an SSL handshake to make trust decisions about the remote end point. A default trust manager is used to validate the signature and expiration of the certificate. Custom trust managers can be plugged in to perform an extended certificate and host name check.

To view this admin console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Trust managers.


Table 1. Trust managers buttons

Button Resulting action
New Adds a new trust manager that can be selected by an SSL configuration. A trust manager is invoked during an SSL handshake and can decide whether the handshake should be accepted based on the information it knows about the remote certificate and host.
Delete Deletes an existing trust manager. Make sure the trust manager is not referenced by any SSL configuration before you delete it.

Name

Name of the trust manager. This name is used as a selection in the SSL configuration panel.

Class name

Class that implements the javax.net.ssl.X509TrustManager interface. Optionally, the class can implement the com.ibm.wsspi.ssl.TrustMangerExtendedInfo interface to get extended information about the connection. The class can use the information to verify the host name and so on.

Algorithm

Algorithm name of the trust manager that is implemented by the selected provider.





 

Related tasks


Create an SSL configuration

 

Related


Trust managers settings