Appendix D. Configuring HTTPS/SSL

If you are planning to use SSL, you must use third-party software to manage your keystores, certificates, and key generation. The HTTP connector does not come with tooling for these tasks. However, you may choose to use keytool, which ships with IBM JRE, to create self-signed certificates and to manage your keystores.

A key and certificate management utility, keytool enables you to administer your own public/private key pairs and associated certificates. These are intended for use in self-authentication (where you authenticate yourself to other users or services) or data integrity and authentication services that use digital signatures. The keytool utility also allows you to store the public keys (in the form of certificates) of peers with whom you communicate.

This appendix describes how to set up keystores using keytool. Note that this appendix is intended for illustration purposes only; it is not intended as a substitute for documentation for keytool or related products. Always refer to source documentation for the tools you use to set up keystores. For further information on keytool, see:

Copyright IBM Corp. 1997, 2004