Trust managers collection
Use this page to define the implementation settings for the trust manager. A trust manager is a class that is invoked during a Secure Sockets Layer (SSL) handshake to make trust decisions about the remote end point. A default trust manager is used to validate the signature and expiration of the certificate. Custom trust managers can be plugged in to perform an extended certificate and host name check.
To view this administrative console page, click Security > SSL certificate and key management. Under Configuration settings, click Manage endpoint security configurations > {Inbound | Outbound} > ssl_configuration. Under Related items, click Trust managers.
| Button | Resulting action |
|---|---|
| New | Adds a new trust manager that can be selected by an SSL configuration. A trust manager is invoked during an SSL handshake and can decide whether the handshake should be accepted based on the information it knows about the remote certificate and host. |
| Delete | Deletes an existing trust manager. Make sure the trust manager is not referenced by any SSL configuration before you delete it. |
Name
Specifies the name of the trust manager. This name is used as a selection in the SSL configuration panel.
Class name
Specifies a class that implements the javax.net.ssl.X509TrustManager interface. Optionally, the class can implement the com.ibm.wsspi.ssl.TrustMangerExtendedInfo interface to get extended information about the connection. The class can use the information to verify the host name and so on.
Algorithm
Specifies the algorithm name of the trust manager that is implemented by the selected provider.