IBM Support

WebSphere Application Server for z/OS - Choosing a default SSl certificate

Technical Blog Post


Abstract

WebSphere Application Server for z/OS - Choosing a default SSl certificate

Body

 

If there is no cell default certificate SSL setting, then JSSE will pick one.

 

To set a default do the following:

  1. In your Deployment Manager environment, logon to the Admin console.

  2. Go to Security --> SSL certificates and key management --> manage endpoint security configurations.

  3. Under inbound, select the entry that contains your cell name followed by "(CellDefaultSSLSettings,)".

  4. Next click on update certificate alias list under SSL configuration.

  5. Next click the down arrow in the drop down list box for Certificate alias in key store.

  6. From the list select the default personal certificate you want to use.

  7. Click on OK.

  8. Click on Save.

  9. From the SSL Certificate and Key Management --> Manage endpoint security configurations, you should now see the name of the certificate you selected following "(CellDefaultSSLSettings,".

  10. You have now selected your desired default personal certificate.

    The cell level security.xml sslconfiggroups entry should now have a certificateAlias entry where "xxxxx" is whatever you chose:

    <sslConfigGroups xmi:id="SSLConfigGroup_1" name="d8cell"
    direction="inbound" certificateAlias="xxxxxx" sslConfig="SSLConfig_1"
    managementScope="ManagementScope_1" />

 

 

title image (modified) credit: (cc) Some rights reserved by Arvin61r58

 

[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"","label":""},"Component":"","Platform":[{"code":"","label":""}],"Version":"","Edition":"","Line of Business":{"code":"","label":""}}]

UID

ibm11080651