Securing communications
WebSphere® Application Server provides several methods to secure communication between a server and a client.
About this task
Note: WebSphere Application Server provides several
methods for securing communication between a server and a client.
New in this release are functions that ensure secure communication
between a server and a client. These functions focus on certificate
management, authentication, and ensuring trust among the application
server, administrative agent, and job manager. The new functions include:
The following topics are covered in this section:- Creating and using a certificate authority (CA) clients to enable a CA to request, query, and revoke certificates.
- Creating and using chained personal certificates to allow a certificate to be signed with a longer life span.
- Creating and revoking certificate authority (CA) certificates to ensure secure communication between the CA client and the CA server.
![[z/OS]](../images/ngzos.svg)
Allowing the WebSphere Application
Server administrator to create, configure, and enable System Authorization
Facility (SAF) keyrings by utilizing the (Open Cryptographic Services
Facility) OCSF Data library functions for SAF keyrings.
Procedure
- Secure communications using Secure Sockets Layer
- Creating an SSL configuration
- Creating a keystore configuration
- Creating a certificate authority (CA) client
- Deleting a certificate authority (CA) client
- Viewing or Modifying a certificate authority (CA) client
- Creating a keystore configuration for a preexisting keystore file
- Creating a self-signed certificate
- Creating a certificate authority request
- Creating writeable SAF keyrings
- Using writeable SAF keyrings
- Extracting a signer certificate from a personal certificate
- Retrieving signers from a remote SSL port
- Adding a signer certificate to a keystore
- Adding a signer certificate to the default signers keystore
- Exchanging signer certificates in a keystore
- Configuring certificate expiration monitoring
- Key management for cryptographic uses
- Creating a key set configuration
- Creating a key set group configuration
![[AIX Solaris HP-UX Linux Windows]](../images/ngdist.svg)
Configuring the web server plug-in for
Secure Sockets Layer