Trust and key managers settings

Specify trust and key managers for the selected SSL configuration.

From the admin console, click...

        Security > SSL certificate and key management > Configuration settings > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Related items > SSL configurations > SSL_configuration_name > Additional Properties > Trust and key managers.

(ZOS) From the admin console, click...

        Security > SSL certificate and key management > Configuration settings > Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration > Related items > SSL configurations > SSL_configuration_name > Additional Properties > Trust and key managers.

The application server checks the default trust managers first before checking the additional ordered trust managers in descending order.

Default trust manager	Default trust manager. The default trust manager is IbmPKIX, which can be selected when certificate revocation checks must be made using the X509Certificate CRL distribution list. The other default trust manager is IbmX509.
Additional ordered trust managers	Specifies additional trust managers used in the order shown for this SSL configuration.
Add	Add the selection to the Additional ordered trust managers list.
Remove	Remove the selection from the Additional ordered trust managers list.
Key manager	Key manager that runs for this SSL configuration. Default: IbmX509

Create a Secure Sockets Layer configuration

SSL configurations collection