Work with secure socket layer properties files
Use properties files to create, modify, or delete secure socket layer properties.
Determine the changes to make to the secure socket layer object or its properties.
Start the wsadmin scripting tool. To start wsadmin using the Jython language, run the wsadmin -lang Jython command from the bin directory of the server profile.
Using a properties file create, modify, or delete a secure socket layer object.
Run administrative commands using wsadmin to create or change a properties file for a secure socket layer, validate the properties, and apply them.
files. We can create, modify, and delete secure socket
Action Procedure create Set required properties and then run the applyConfigProperties command. modify Edit any properties and then run the applyConfigProperties command.. delete To delete the entire SecureSocketLayer object, uncomment #DELETE=true and then run the deleteConfigProperties command. create Property Not applicable delete Property Not applicable Optionally, we can use interactive mode with the commands:
AdminTask.command_name('-interactive')
- Create a properties file for a secure socket layer.
- Set SecureSocketLayer properties as needed.
Open an editor on a SecureSocketLayer properties file. Modify the Environment Variables section to match the system and set any property value that needs to be changed. To specify a custom property, edit the AttributeInfo value and properties. An example SecureSocketLayer properties file follows:
# # Header # ResourceType=SecureSocketLayer ImplementingResourceType=Security ResourceId=Cell=!{cellName}:Security=:SSLConfig=alias#CellDefaultSSLSettings,managementScope# "Cell=!{cellName}:Security=:ManagementScope=scopeName#"(cell):!{cellName}"":SecureSocketLayer= AttributeInfo=setting # # #Properties # keyFileName=null enableCryptoHardwareSupport=false #boolean,default(false) serverKeyAlias=null sslProtocol=SSL_TLS clientAuthentication=false #boolean,default(false) securityLevel=HIGH #ENUM(MEDIUM|HIGH|CUSTOM|LOW),default(HIGH) keyFileFormat=JKS #ENUM(JCEK|JKS|JCERACFKS|JCE4758RACFKS|PKCS12),default(JKS) CryptoHardwareToken"=null keyStore=CellDefaultKeyStore #ObjectName(KeyStore) enabledCiphers= keyManager=IbmX509 #ObjectName(KeyManager) trustFileFormat=JKS #ENUM(JCEK|JKS|JCERACFKS|JCE4758RACFKS|PKCS12),default(JKS) clientAuthenticationSupported=false #boolean,default(false) trustStore=CellDefaultTrustStore #ObjectName(KeyStore) keyFilePassword=null jsseProvider=IBMJSSE2 clientKeyAlias=null trustFileName=null trustFilePassword=null trustManager={IbmPKIX} #ObjectName*(TrustManager) # EnvironmentVariablesSection #Environment Variables cellName=myCell
- Run the applyConfigProperties command to create or change a secure socket layer object.
Running the applyConfigProperties command applies the properties file to the configuration. In this Jython example, the optional -reportFileName parameter produces a report named report.txt:
AdminTask.applyConfigProperties(['-propertiesFileName myObjectType.props -reportFileName report.txt '])
- Modify an existing properties file.
- Obtain a properties file for the SecureSocketLayer object to change.
We can extract a properties file for a SecureSocketLayer object using the extractConfigProperties command.
- Open the properties file in an editor and change the properties as needed.
Ensure that the environment variables in the properties file match the system.
- Run the applyConfigProperties command.
- If we no longer need the secure socket layer object, we can delete the entire SSL object.
To delete the entire object, specify DELETE=true in the header section of the properties file and run the deleteConfigProperties command; for example:
AdminTask.deleteConfigProperties('[-propertiesFileName myObjectType.props -reportFileName report.txt]')
Results
Use the properties file to configure and manage the secure socket layer object and its properties.
What to do next
Save the changes to the configuration.
Related tasks
Extracting properties files Create server, cluster, application, or authorization group objects using properties files and wsadmin scripting Delete server, cluster, application, or authorization group objects using properties files
PropertiesBasedConfiguration (AdminTask)