SSL concepts
The SSL protocol involves key concepts such as certificates, certificate authority, certificate management, key stores, and trust stores.
- Certificate
- A digital certificate is a digital document that validates the identity of the certificate's owner. A digital certificate contains information about the individual, such as their name, company, and public key. The certificate is signed with a digital signature by the Certificate Authority (CA), which is a trustworthy authority.
- Certificate authority
- A certificate authority (CA) is a trusted party that creates and issues digital certificates to users and systems. As the trusted issuer, the CA establishes the foundation of trust in the certificates.
- Certificate management
- Certificates and private keys are stored in files called keystores. A keystore is a database of key material. Keystore information can be grouped into two categories: key entries and trusted certificate entries. The two kinds of entries can be stored in the same keystore, or separately in a keystore and a truststore for security purposes. Keystores and truststores are used by both the SSL client (the IMS™ TM resource adapter) and the SSL server (IMS Connect).
- Keystore
- A keystore holds key entries, such as the private key of the IMS TM resource adapter (the SSL client).
- Truststore
- A truststore is a keystore that holds only certificates that the user trusts. Add an entry to a truststore only if the user makes a decision to trust that entity. An example of an IMS TM resource adapter (client) truststore entry is the certificate of the target SSL server, IMS Connect.
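
The split between key entries and trusted certificate entries can be checked with the standard `java.security.KeyStore` API. The following is an added example, not part of the IMS documentation: it lists each entry by category and fails if a store meant to be a truststore contains key entries. The class name `StoreAudit` and its defaults (the JDK's own `cacerts` file and its default password `changeit`) are assumptions.

```java
import java.io.File;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;

// Added example: classify every entry of a store file as a key entry or a
// trusted certificate entry, and fail if a truststore contains key entries.
public class StoreAudit {

    // Returns {keyEntries, trustedCertEntries} for the loaded store.
    static int[] countEntries(KeyStore ks) throws Exception {
        int keys = 0, trusted = 0;
        for (String alias : Collections.list(ks.aliases())) {
            if (ks.isKeyEntry(alias)) {
                keys++;
                System.out.println("key entry          : " + alias);
            } else if (ks.isCertificateEntry(alias)) {
                trusted++;
                Certificate c = ks.getCertificate(alias);
                String subject = (c instanceof X509Certificate)
                        ? ((X509Certificate) c).getSubjectX500Principal().getName()
                        : c.getType();
                System.out.println("trusted certificate: " + alias + " -> " + subject);
            }
        }
        return new int[] { keys, trusted };
    }

    public static void main(String[] args) throws Exception {
        // Assumptions: with no arguments the JDK's default truststore is audited;
        // otherwise args[0] is a store path and args[1] its password.
        File file = new File(args.length > 0 ? args[0]
                : System.getProperty("java.home") + "/lib/security/cacerts");
        char[] password = (args.length > 1 ? args[1] : "changeit").toCharArray();

        // KeyStore.getInstance(File, char[]) (Java 9+) detects JKS or PKCS12.
        KeyStore ks = KeyStore.getInstance(file, password);
        int[] n = countEntries(ks);
        System.out.printf("%s: %d key entries, %d trusted certificate entries%n",
                file, n[0], n[1]);

        // A truststore should hold only certificates the user decided to trust.
        if (n[0] > 0) {
            System.out.println("Contains key entries: treat as a keystore, not a truststore.");
            System.exit(1);
        }
    }
}
```

Run against a client keystore, the same program is expected to report at least one key entry and exit with status 1, which is the signal that the file holds private key material and needs keystore-level protection.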