IBM WebSphere - Key manager

A key manager is the component of WebSphere that decides what certificate in a keystore will be used for SSL cryptography. For example, let's say you have two certificates in a keystore, default and testing.


Let's also say the Default server certificate alias drop-down in the SSL configuration is set to "none", which means that neither the default or testing certificates are being used as the default certificate.


In this scenario, the key manager will decide if the "default" or "testing" certificate will be used. In the WebSphere admin console, you can navigate to SecurtiySSL certificate and key management > Key managers, and you'll see that ibmX509 is the name of the key manager being used.


Selecting ibmX509 will let you see that all you can really do is to change the Implementation settings (which you usually do not need to change). In other words, there isn't much to configure here. For the most part, you just let the key manager do it's thing, and you only need to consider a custom class name if the key manager is not behaving per your needs.

Add a Comment

We will never share your name or email with anyone. Enter your email if you would like to be notified when we respond to your comment.

Please enter 554de in the box below so that we can be sure you are a human.


Web design by yours truely - me, myself, and I   |   |