Bootstrap FreeKB - IBM WebSphere - SSL configurations
IBM WebSphere - SSL configurations

Updated:   |  IBM WebSphere articles

If you are not familiar with how SSL works in WebSphere, check out our getting started article.

After creating a deployment manager (dmgr) profile, in the WebSphere admin console, at Security > SSL certificate and key management > SSL configurations, there will be two SSL configurations (CellDefaultSSLSettings and XDADefaultSSLSettings). Selecting one of the SSL configurations will display the truststore and keystore being used, the default certificate aliases, and additional configuration options. By default, CellDefaultSSLSettings will have the following configurations.

Notice that by default, the certificate alias drop downs are set to none. This is because the creation of a profile creates a single certificate (the alias of the certificate is "default"), thus the key manager will know to use the "default" certificate for SSL cryptography. If you add a certificate to the truststore or keystore and you do not update the drop-down to have the default certificate, then the key manager will decide which certificate will be used for SSL cryptography. If you update the drop-down to have a default certificate, then the default certificate will be used for almost all SSL cryptography functions. Default server certificate alias is a certificate from the Keystore (key.p12 by default) and Default client certificate alias is a certificate from the Truststore (if a certificate exists in the truststore, trust.p12 by default).


Did you find this article helpful?

If so, consider buying me a coffee over at Buy Me A Coffee


Add a Comment

Please enter afe45a in the box below so that we can be sure you are a human.