A Secure Sockets Layer (SSL) configuration references keystore
configurations during WebSphere Application Server runtime. Whether a keystore
file was created by another keystore tool or saved from a previous configuration,
the file must be part of a keystore configuration object. You can create a
keystore configuration for the existing keystore object.
Before you begin
A keystore must already exist.
About this task
Complete the following steps in the administrative console:
Procedure
- Click Security > SSL certificate and key management > Manage
endpoint security configurations > {Inbound | Outbound}.
- Under Related Items, click Key stores and certificates,
then click New.
- Type a name in the Name field. This name uniquely
identifies the keystore in the configuration.
- Type the location of the keystore file in the Path field.
The location can be a file name or a file URL to an existing keystore
file.
- Type the keystore password in the Password field.
This password is for the keystore file that you specified in the Path field.
- Type the keystore password again in the Confirm Password field
to confirm the password.
- Select a keystore type from the list. The type that
you select is for the keystore file that you specified in the Path field.
- Select any of the following optional selections:
- The Read only selection creates a keystore configuration object
but does not create a keystore file. If this option is selected, the keystore
file that you specified in the Path field must already exist.
- The Initialize at startup selection initializes the keystore
during runtime.
- Click Apply and Save.
Results
You have created a keystore configuration object for the keystore
file that you specified. This keystore can now be used in an SSL configuration.
Note: You also can use this method to add a z/OS keyring file to
the configuration. The keyring file must be read only, not file-based.
What to do next
You can create additional keystore configurations, as needed.