Network Deployment (Distributed operating systems), v8.0 > Reference > Sets
Key managers settings
Use this page to define key managers implementation settings. A key manager gets invoked during an SSL handshake to determine the certificate alias to be used. The default key manager (WSX509KeyManager) performs alias selection. If more advanced function is desired, a custom key manager can be specified here and selected in the SSL configuration. From the console...
Security > SSL certificate and key management. Under Configuration settings, clickManage endpoint security configurations > {Inbound | Outbound} > ssl_configuration . Under Related items, click Key managers. On the next panel, click New.
Name
Name of the key manager, which you can select on the SSL configuration panel.
Data type: Text
Management scope
Scope where this SSL configuration is visible. For example, if you choose a specific node, then the configuration is only visible on that node and any servers that are part of that node.
Data type List Range: Applicable scopes
Standard
Key manager selection that is available from a Java provider that is installed in the java.security file. This provider might be shipped by Java Secure Sockets Extension (JSSE) or be a custom provider that implements an X509KeyManager interface.
Default: Enabled
Provider
Provider name that has an implementation of an X509KeyManager interface. This provider is typically set to IBMJSSE2.
Data type: Text Default: IBMJCE
Algorithm
Algorithm name of the trust manager implemented by the selected provider.
Data type: Text Default: IbmX509
Custom
Specifies that the key manager selection is based on a custom implementation class that implements the javax.net.ssl.X509KeyManager interface and optionally the com.ibm.wsspi.ssl.KeyManagerExtendedInfo interface to obtain additional connection information not otherwise available.
Default: Disabled
Class name
Name of the key manager implementation class.
Data type: Text
Create an SSL configuration
Related
Key managers collection