Configure SSL for WebSphere applications

With SSL, client applications use digital certificates to determine whether server applications are to be trusted. Likewise, server applications may require client applications to present certificates to determine whether client applications are to be trusted. In either case, applications must have access to digital certificates to open secure network connections, and these certificates must be stored in safe and secure containers that are accessable to the client applications. Additionally, mechanisms must be provided so applications can determine which certificates are to be used.

For Java applications running on WebSphere Application Server for iSeries, certificates may be stored in these types of certificate stores:

• Java keystore files (.jks files)
  Use either the IBM Key Management tool (iKeyman) or the Java keytool utility to create and manage Java keystore files. Java keystore files are the recommended certificate stores for WebSphere Application Server 5.0. For more information, see Use Java keystore files and IBM Key Managment Tool (iKeyman).

• OS/400 certificate stores
  Use of OS/400 certificate containers (.kdb files) with WebSphere applications is deprecated in Version 5.0 and can only be used with certain limitations. For more information, see Migrate applications to use Java keystores.