WAS v8.5 > Secure applications and their environment > Secure the Liberty profile and its applications

Secure communications with the Liberty profile

We can configure the Liberty profile server to provide secure communications between a client and the server. To configure secure communications, we can either specify a minimal SSL configuration or a detailed SSL configuration in server.xml. The minimal configuration only requires the SSL feature and a keystore entry to be specified. In the samples directory of the Liberty profile, there is an sslConfig.xml file containing several examples of SSL configurations.

The SSL configuration designated as the default SSL configuration is used to create the process's default SSLContext using the SSLContext.setDefault() method. The default SSL configuration can be the minimal SSL configuration, or the configuration identified by the sslRef attribute on the sslDefault element if multiple SSL configurations are defined. Because the default SSLContext is set on the process, the javax.net.ssl.keyStore and javax.net.ssl.trustStore properties will not be recognized.

See also

• Enabling SSL communication for the Liberty profile
  To enable SSL communication for the Liberty profile, there is a minimal set of SSL configuration options. It assumes most of the SSL options and only requires some keystore configuration information.
• Creating SSL certificates for your Liberty profile using the Utilities menu
  Using the Liberty profile Utilities menu in the developer tools, we can create an SSL certificate.
• Creating SSL certificates from the command prompt
  We can use the securityUtility command to create a default SSL certificate for use by the Liberty profile configuration.
• Configuring the web application and server for client certificate authentication
  We can configure the web application on the Liberty profile using SSL client authentication.

|