WAS v8.5 > Secure applications > Secure communications > Secure communications using SSL

Dynamic outbound selection of Secure Sockets Layer configurations


The runtime matches the outbound protocol, target host, and target port attributes with the dynamic outbound selection information associated with an SSL configuration and certificate alias in the configuration.

The runtime caches both selection misses and selection hits, so the impact on performance can be minimal. However, a relationship exists between the amount of dynamic outbound selection information and its impact on the initial connection performance.


Target information during outbound connections

The dynamic outbound selection configurations are only effective when the outbound protocol uses the JSSEHelper API when we select an SSL configuration with a specified connectionInfo hash map. This hash map must contain the following properties:

com.ibm.ssl.direction

The value for outbound connections is OUTBOUND.

com.ibm.ssl.remoteHost

The format should match what the protocol provides. Typically this is the canonical DNS, but it also could be the IP address. The name comparison is performed as a case-insensitive comparison. There is no name resolution processing performed during the string comparison.

com.ibm.ssl.remotePort

The port is target port.

com.ibm.ssl.endPointName

The value for an outbound connection must be one of the following protocol strings:

  • IIOP
  • HTTP
  • SIP
  • LDAP
  • ADMIN_IPC
  • ADMIN_SOAP
  • BUS_TO_BUS
  • BUS_CLIENT
  • BUS_TO_WEBSPHERE_MQ
  • WEBSPHERE_MQ_CLIENT


+

Search Tips   |   Advanced Search