SSL is setup by default during the create of a profile, so that HTTPS can be used to encrypt traffic between client and server. For example, after a dmgr profile is created, you can use HTTPS to access the dmgr web console.
Likewise, when you deploy an app to WebSphere, the app can be accessed over HTTPS.
By default, the HTTPS port for apps running in an applicatoin server is 9443, and SSL is enabled on the port. You can see this by navigating to Servers > Server types > select your application server > Web container settings > Web containter transport chains.
The certificate being used to encrypt the traffic between client and server can be viewed in the browser. If you want to view the certificate in the dmgr or on the WebSphere server itself, the SHA1 fingerprint can be used. The SHA1 fingerprint of the certificate can be viewed in the browser.
To locate the certificate in the dmgr, navigate to Security > SSL certificate and key management > Key stores and certificates. By default, when a profile is created, two keystores are created:
In either of these keystores, select Personal certificates. When a profile is created, the only certificate in the keystore will be the "default" certificate.
Selecting the default certificate will show the SHA1 fingerprint, which can be compared to the SHA1 fingerprint you obtained when viewing the certificate in the browser.
By default, the default certificate in the CellDefaultKeyStore is used to encrypt traffic when connecting to the dmgr, and the default certificate in the NodeDefaultKeyStore is used to encrypt traffic when connecting to an app that has been deployed WebSphere.