Dynamic outbound endpoint SSL configuration settings
Set properties for dynamic outbound endpoint SSL configurations, which represent associations between SSL configurations and their target protocol, host, and port.
From the admin console, click...
Security > SSL certificate and key management > Configuration settings > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Dynamic [inbound | outbound] endpoint SSL configurations. Then click the New button.
When an outbound connection is attempted, this association is checked ahead of the SSL configuration scope association. This means based on the target protocol,host,port, the outbound SSL configuration used can be different than the default specified in the SSL scope configuration.
Name
Unique name of the dynamic endpoint configuration.
Information Value Data type: Text
Description
Text that describes the purpose of this dynamic selection criteria.
Information Value Data type: Text
Add connection information
Specifies select information in the form protocol,host,port for the outbound connection. ultiple selection criteria can be entered. All of the connection information for dynamic outbound selection might not be available, and we may have to adjust the dynamic outbound selection connection filter and fill in an asterisk (*) for the missing part of the connection information. An asterisk (*) can be used to mean all protocols, hosts, or ports. Use an asterisk(*) for any field.
Information Value Data type: Text An example of selection criteria is *,www.ibm.com,*, which means any time the target host is www.ibm.com, use the SSL configuration specified here. Another example selection criteria is IIOP,*,*, which means any outbound IIOP request uses the SSL configuration specified in the SSL configuration field. When there is a conflict between two selection criteria, the application server uses the first match. The list of valid protocols we can use include: IIOP, HTTP, JMS, LDAP, SIP, ADMIN_SOAP, ADMIN_IIOP, or WEBSERVICES_HTTP.
When user written applications are expecting to take advantage of dynamic outbound selections, know that not all connection information may be available. For example, the openConnection() call on an URL object ultimately calls createSocket(java.net.Socket socket, String host, int port, boolean autoClose). The connection information can be built with the host and port provided, but there is no protocol provided. In this case, a wild card, an asterisk (*), should be used for the protocol part of the dynamic selection connection information.
Add
Add the selected information from the Add select information menu to the list.
Remove
Remove the selection from the list.
SSL Configuration
The SSL configuration to be used by requests at this scope when a match occurs for the given selection criteria.
Information Value Data type: Text
Get certificate alias
When selected, the keystore within the selected SSL configuration is queried for a list of personal certificates from which to choose.
Certificate alias
Certificate alias used as the identity for the connection.
If we select None, the JSSE key manager determines which certificate is used. If multiple certificates exist in the keystore, the key manager might not consistently select the same certificate.
Information Value Data type: Text Default: (none)
Create a Secure Sockets Layer configuration Dynamic inbound and outbound endpoint SSL configurations collection