JSSE for Java system properties

To use JSSE in your applications, you need to specify several system properties that the default SSLContext objects needs in order to provide confirmation of the configuration. Some of the properties apply to all providers, while others apply to only the native IBM® i provider.

When using the native IBM i JSSE provider, if you do not specify the properties, the os400.certificateContainer defaults to *SYSTEM, which means that JSSE uses the default entry in the system certificate store.

Properties that apply to the native IBM i JSSE provider and the IBM pure Java JSSE provider

The following properties apply to both JSSE providers. Each description includes the default property, if applicable.

javax.net.ssl.trustStore

The name of the file that contains the KeyStore object that you want the default TrustManager to use. The default value is jssecacerts, or cacerts (if jssecacerets does not exist).

javax.net.ssl.trustStoreType

The type of KeyStore object that you want the default TrustManager to use. The default value is the value returned by the KeyStore.getDefaultType method.

javax.net.ssl.trustStorePassword

The password for the KeyStore object that you want the default TrustManager to use.

javax.net.ssl.keyStore

The name of the file that contains the KeyStore object that you want the default KeyManager to use. The default value is jssecacerts, or cacerts (if jssecacerets does not exist).

javax.net.ssl.keyStoreType

The type of KeyStore object that you want the default KeyManager to use. The default value is the value returned by the KeyStore.getDefaultType method.

javax.net.ssl.keyStorePassword

The password for the KeyStore object that you want the default KeyManager to use.

Properties that work for the native IBM i JSSE provider only

The following properties apply to the native IBM i JSSE provider only.

os400.secureApplication

The application identifier. JSSE uses this property only when you do not specify any of the following properties:

  • javax.net.ssl.keyStore
  • javax.net.ssl.keyStorePassword
  • javax.net.ssl.keyStoreType
  • javax.net.ssl.trustStore
  • javax.net.ssl.trustStorePassword
  • javax.ssl.net.trustStoreType

os400.certificateContainer

The name of the keyring that you want to use. JSSE uses this property only when you do not specify any of the following properties:

  • javax.net.ssl.keyStore
  • javax.net.ssl.keyStorePassword
  • javax.net.ssl.keyStoreType
  • javax.net.ssl.trustStore
  • javax.net.ssl.trustStorePassword
  • javax.ssl.net.trustStoreType
  • os400.secureApplication

os400.certificateLabel

The keyring label that you want to use. JSSE uses this property only when you do not specify any of the following properties:

  • javax.net.ssl.keyStore
  • javax.net.ssl.keyStorePassword
  • javax.net.ssl.trustStore
  • javax.net.ssl.trustStorePassword
  • javax.ssl.net.trustStoreType
  • os400.secureApplication