Simply put, SSL is used to secure (encrypt) the packets exchanged between a client and a resource (such as an application) in WebSphere. Fortunately, a clean install of WebSphere creates many of the SSL components, which makes it fairly easy to get SSL configured in WebSphere.
For example, I deployed the FreeKB.net application to WebSphere and without having to configure SSL, I was able to get my FreeKB.net application on secure port HTTPS. So, how does this all work?
In the left panel of the WebSphere admin console, at Security > SSL certificate and key management > Key stores and certificates > CellDefaultKeyStore > Personal certificates, there is a certificate named default. The default certificate is the certificate that is used to provide SSL when requesting an application in the cell. Easy enough, right?
It is important to recognize that the default certificates include in a clean install of WebSphere are not trusted by a certificate authority, thus the web browser will state that the site being requested is not safe. This is perfectly OK when working in a development environment. However, when you are ready to publish your application to production, you certainly would not want your end users getting the message that your site is not safe. Thus begins the real journey here. Let's take a look at how you would add a certificate that is trusted by a certificate authority to WebSphere.
It is also important to recongize that if you start messing around with SSL configurations and have the following option selected, applications will start using the new SSL configurations in real time. Be careful here. You want want to disable this feature so that applications must be restarted to pick up changes made to the SSL configuration.