FreeKB - IBM WebSphere SSL configurations
IBM WebSphere - SSL configurations

If you are not familiar with how SSL works in WebSphere, check out our getting started article.

After creating a deployment manager (dmgr) profile, in the WebSphere admin console, at Security > SSL certificate and key management > SSL configurations, there will be two SSL configurations (CellDefaultSSLSettings and XDADefaultSSLSettings). Selecting one of the SSL configurations will display the truststore and keystore being used, the default certificate aliases, and additional configuration options. By default, CellDefaultSSLSettings will have the following configurations.

Notice that by default, the certificate alias drop downs are set to none. This is because the creation of a profile creates a single certificate (the alias of the certificate is "default"), thus the key manager will know to use the "default" certificate for SSL cryptography. If you add a certificate to the truststore or keystore and you do not update the drop-down to have the default certificate, then the key manager will decide which certificate will be used for SSL cryptography. If you update the drop-down to have a default certificate, then the default certificate will be used for almost all SSL cryptography functions. Default server certificate alias is a certificate from the Keystore (key.p12 by default) and Default client certificate alias is a certificate from the Truststore (if a certificate exists in the truststore, trust.p12 by default).


Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter 24cff in the box below so that we can be sure you are a human.


Web design by yours truely - me, myself, and I   |   |