+

Search Tips   |   Advanced Search

Secure communications with the Liberty profile

SSL provides transport layer security, including...

...between clients and WAS servers. Public key cryptography guarantees that when an entity encrypts data using its public key, only entities with the corresponding private key can decrypt that data. The Liberty Server uses JSSE to handle handshake negotiation, and protection capabilities. JSSE uses on X.509 certificate-based asymmetric key pairs for secure connection protection and some data encryption. Key pairs effectively encrypt session-based secret keys that encrypt larger blocks of data. The SSL implementation manages the X.509 certificates.

To configure secure communications, we can edit server.xml, set either...

Minimal only requires the SSL feature and a keystore entry to be specified. See WASdev.net website for examples.

The default SSL configuration is used to create the process default SSLContext using method...

The default SSL configuration can be the minimal SSL configuration, or the configuration identified by the sslRef attribute on the sslDefault element. Because the default SSLContext is set on the process, the javax.net.ssl.keyStore and javax.net.ssl.trustStore properties will not be recognized.


Subtopics


Parent topic: Secure the Liberty profile and its applications




Terms and conditions for information centers