Key managers settings
To define key managers implementation settings. A key manager gets invoked during an SSL handshake to determine the certificate alias to be used. The default key manager (WSX509KeyManager) performs alias selection. If more advanced function is desired, a custom key manager can be specified here and selected in the SSL configuration.
To view this admin console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Key managers. Then click the New button.
- Name
Name of the key manager, which we can select on the SSL configuration panel.
Data type: Text
- Standard
Specifies the key manager selection that is available from a Java™ provider that is installed in the java.security file. This provider might be shipped by Java Secure Sockets Extension (JSSE) or be a custom provider that implements an X509KeyManager interface.
Default: Enabled
- Provider
Provider name that has an implementation of an X509KeyManager interface. This provider is typically set to IBMJSSE2.
Data type: Text Default: IBMJCE
- Algorithm
Algorithm name of the trust manager implemented by the selected provider.
Data type: Text Default: IbmX509
- Custom
The key manager selection is based on a custom implementation class that implements the javax.net.ssl.X509KeyManager interface and optionally the com.ibm.wsspi.ssl.KeyManagerExtendedInfo interface to obtain additional connection information not otherwise available.
Default: Disabled
- Class name
Name of the key manager implementation class.
Data type: Text
Related tasks
Create an SSL configuration
Related
Key managers collection