Changing the default Secure Sockets Layer repertoire key files

Use this topic to change the default Secure Sockets Layer repertoire key files.

About this task

If you modify the default digital certificates in the key rings that belongs to the node agent and the deployment managers or application servers, you must verify that the public certificate of the new certificate authority is added as a trust certificate in the key rings of all servers to which it needs to communicate. This action includes modifying the certificates so that they are issued from a different certificate authority (for example, if you use a commercial certificate authority).

Within a given cell, the:
  • Deployment manager and node agents must communicate
  • Node agents must communicate to all servers within the node
If you modify the repertoire definitions, you must update the:
  • System SSL repertoire that is used by HTTP
  • System SSL repertoire that is used for Internet InterORB Protocol (IIOP) communications
  • Java Secure Socket Extension (JSSE) repertoire that is used for the Simple Object Access Protocol (SOAP) and Java Management Extensions (JMX) connector, if applicable



In this information ...


Related concepts

IBM Redbooks, demos, education, and more

(Index)

Use IBM Suggests to retrieve related content from ibm.com and beyond, identified for your convenience.

This feature requires Internet access.

Task topic    

Terms of Use | Feedback

Last updated: Sep 20, 2010 10:03:57 PM CDT
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=vela&product=was-nd-zos&topic=tsec_defsslrepkey
File name: tsec_defsslrepkey.html