Configure SSL in WebSphere Application Server
Several WebSphere Application Server components use Secure Socket Layer (SSL) to provide secure communication. For more information, see Secure Socket Layer (SSL). In particular, SSL is used by:
- HTTPS, the application server's built-in HTTPS transport.
- ORB, the application server's client and server Object Request Broker.
- LDAPS, the administrative server's secure connection to the LDAP registry used for authentication. This is available only in WebSphere Application Server.
WebSphere applications can be configured and implemented to use SSL. The digital certificates used by such applications are stored in either Java keystore files (.jks files) or OS/400 certificate containers (.kdb files).
Note: Use of OS/400 certificate containers with WebSphere applications is deprecated in Version 5.0 and can only be used with certain limitations. For more information, see Migrate applications to use Java keystores.
Note: The Federal Information Processing Standards (FIPS)-approved Java Secure Socket Extension (JSSE) and Java Cryptography Extension (JCE) providers are not supported on iSeries. Other WebSphere Application Server platforms may support FIPS-approved cryptographic algorithms.
See these topics for more information about configuring SSL:
Change the default SSL keystore and truststore files
Configure SSL for WebSphere Application Server
Configure SSL for WebSphere applications
Configure SSL for Web client authentication
Configure IBM HTTP Server for iSeries for SSL client authentication
Configure SSL for Java client authentication
Configure SSL connections between WebSphere Application Server and an LDAP Server