GSKit configuration for connections with Security Token Service

There are a number of GSKit attributes that we can use to control how GSKit creates SSL connections.

We can configure WebSEAL to use particular GSKit attributes when it initializes SSL connections.

The gsk-attr-name configuration entry in the [tfim-cluster:<cluster>] stanza controls the GSKit attributes that WebSEAL uses when initializing a connection with Security Token Service. We can specify this configuration entry multiple times. Include each desired GSKit attribute as a new entry.

Similar configuration entries exist in the [ssl] stanza for connections with clients and junctioned web servers.

For further details about these configuration entries, see the web reverse proxy Stanza Reference topics.

Parent topic: Single sign-on with the Security Token Service