Search Tips   |   Advanced Search

Default chained certificate configuration in SSL

When a WebSphere Application Server process starts for the first time, the SSL run time initializes the default keystores and truststores specified in the SSL configuration.

The chained certificates created during profile creation have a 1 year life span by default. The default root certificate used to sign the default chained certificate has a life span of 15 years. The life span of the default and the root certificates can be customized during profile creation. An advantage in this type of chained certificate is that only the signer from the root certificate is needed to establish trust. When the chained certificate is regenerated with the same root certificate, clients using that root signer certificate for trust do not lose their trust.


  • Secure communications using SSL
  • Renewing a certificate in SSL
  • PersonalCertificateCommands