Work with secure socket layer properties files

Use properties files to create, modify, or delete secure socket layer properties.

Determine the changes to make to the secure socket layer object or its properties.

Start the wsadmin scripting tool. To start wsadmin using the Jython language, run the wsadmin -lang Jython command from the bin directory of the server profile.

Using a properties file create, modify, or delete a secure socket layer object.

Run administrative commands using wsadmin to create or change a properties file for a secure socket layer, validate the properties, and apply them.

files. We can create, modify, and delete secure socket

Action	Procedure
create	Set required properties and then run the applyConfigProperties command.
modify	Edit any properties and then run the applyConfigProperties command..
delete	To delete the entire SecureSocketLayer object, uncomment #DELETE=true and then run the deleteConfigProperties command.
create Property	Not applicable
delete Property	Not applicable

Optionally, we can use interactive mode with the commands:

AdminTask.command_name('-interactive')

• Create a properties file for a secure socket layer.

  1. Set SecureSocketLayer properties as needed.

     Open an editor on a SecureSocketLayer properties file. Modify the Environment Variables section to match the system and set any property value that needs to be changed. To specify a custom property, edit the AttributeInfo value and properties. An example SecureSocketLayer properties file follows:

     #
     # Header  #
     ResourceType=SecureSocketLayer
     ImplementingResourceType=Security
     ResourceId=Cell=!{cellName}:Security=:SSLConfig=alias#CellDefaultSSLSettings,managementScope#
     "Cell=!{cellName}:Security=:ManagementScope=scopeName#"(cell):!{cellName}"":SecureSocketLayer=
     AttributeInfo=setting
     #
      #
     #Properties
     #
     keyFileName=null
     enableCryptoHardwareSupport=false #boolean,default(false)
     serverKeyAlias=null
     sslProtocol=SSL_TLS
     clientAuthentication=false #boolean,default(false)
     securityLevel=HIGH #ENUM(MEDIUM|HIGH|CUSTOM|LOW),default(HIGH)
     keyFileFormat=JKS #ENUM(JCEK|JKS|JCERACFKS|JCE4758RACFKS|PKCS12),default(JKS)
     CryptoHardwareToken"=null
     keyStore=CellDefaultKeyStore #ObjectName(KeyStore)
     enabledCiphers=
     keyManager=IbmX509 #ObjectName(KeyManager)
     trustFileFormat=JKS #ENUM(JCEK|JKS|JCERACFKS|JCE4758RACFKS|PKCS12),default(JKS)
     clientAuthenticationSupported=false #boolean,default(false)
     trustStore=CellDefaultTrustStore #ObjectName(KeyStore)
     keyFilePassword=null
     jsseProvider=IBMJSSE2
     clientKeyAlias=null
     trustFileName=null
     trustFilePassword=null
     trustManager={IbmPKIX} #ObjectName*(TrustManager)
      #
     EnvironmentVariablesSection
     #Environment Variables
     cellName=myCell

  2. Run the applyConfigProperties command to create or change a secure socket layer object.

     Running the applyConfigProperties command applies the properties file to the configuration. In this Jython example, the optional -reportFileName parameter produces a report named report.txt:

     AdminTask.applyConfigProperties(['-propertiesFileName myObjectType.props -reportFileName report.txt '])

• Modify an existing properties file.

  1. Obtain a properties file for the SecureSocketLayer object to change.

     We can extract a properties file for a SecureSocketLayer object using the extractConfigProperties command.

  2. Open the properties file in an editor and change the properties as needed.

     Ensure that the environment variables in the properties file match the system.

  3. Run the applyConfigProperties command.

• If we no longer need the secure socket layer object, we can delete the entire SSL object.

  To delete the entire object, specify DELETE=true in the header section of the properties file and run the deleteConfigProperties command; for example:

  AdminTask.deleteConfigProperties('[-propertiesFileName myObjectType.props -reportFileName report.txt]')

Results

Use the properties file to configure and manage the secure socket layer object and its properties.

What to do next

Save the changes to the configuration.

Related tasks

Extracting properties files

Create server, cluster, application, or authorization group objects using properties files and wsadmin scripting

Delete server, cluster, application, or authorization group objects using properties files

PropertiesBasedConfiguration (AdminTask)