Key managers collection

Use this page to define the implementation settings for key managers. A key manager is invoked during a Secure Sockets Layer (SSL) handshake to determine which certificate alias is used. The default key manager (WSX509KeyManager) performs alias selection. If more advanced function is desired, define a custom key manager on the Manage endpoint security configurations panel.

To view this administrative console page, click Security > SSL certificate and key management. Under Configuration settings, clickManage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Key managers.

Table 1. Key managers buttons . This table describes the key managers buttons.
Button	Resulting action
New	Adds a new key manager that can be selected by an SSL configuration. A key manager is invoked during an SSL handshake to select a specific certificate alias to use from a key store.
Delete	Deletes an existing key manager. The key manager should not be referenced by any SSL configuration before you can delete it.

Name

Specifies the name of the key manager, which you can select on the SSL configuration panel.

Class name

Specifies the name of the key manager implementation class. This class implements javax.net.ssl.X509KeyManager interface and, optionally, the com.ibm.wsspi.ssl.KeyManagerExtendedInfo interface.

Algorithm

Specifies the algorithm name of the key manager that is implemented by the selected provider.