JSSE for Java system properties
To use JSSE in your applications, you need to specify several system properties that the default SSLContext objects needs in order to provide confirmation of the configuration. Some of the properties apply to all providers, while others apply to only the native IBM® i provider.
When using the native IBM i JSSE provider, if you do not specify the properties, the os400.certificateContainer defaults to *SYSTEM, which means that JSSE uses the default entry in the system certificate store.
Properties that apply to the native IBM i JSSE provider and the IBM pure Java JSSE provider
The following properties apply to both JSSE providers. Each description includes the default property, if applicable.
javax.net.ssl.trustStore
The name of the file that contains the KeyStore object that you want the default TrustManager to use. The default value is jssecacerts, or cacerts (if jssecacerets does not exist).
javax.net.ssl.trustStoreType
The type of KeyStore object that you want the default TrustManager to use. The default value is the value returned by the KeyStore.getDefaultType method.
javax.net.ssl.trustStorePassword
The password for the KeyStore object that you want the default TrustManager to use.
javax.net.ssl.keyStore
The name of the file that contains the KeyStore object that you want the default KeyManager to use. The default value is jssecacerts, or cacerts (if jssecacerets does not exist).
javax.net.ssl.keyStoreType
The type of KeyStore object that you want the default KeyManager to use. The default value is the value returned by the KeyStore.getDefaultType method.
javax.net.ssl.keyStorePassword
The password for the KeyStore object that you want the default KeyManager to use.
Properties that work for the native IBM i JSSE provider only
The following properties apply to the native IBM i JSSE provider only.
os400.secureApplication
The application identifier. JSSE uses this property only when you do not specify any of the following properties:
- javax.net.ssl.keyStore
- javax.net.ssl.keyStorePassword
- javax.net.ssl.keyStoreType
- javax.net.ssl.trustStore
- javax.net.ssl.trustStorePassword
- javax.ssl.net.trustStoreType
os400.certificateContainer
The name of the keyring that you want to use. JSSE uses this property only when you do not specify any of the following properties:
- javax.net.ssl.keyStore
- javax.net.ssl.keyStorePassword
- javax.net.ssl.keyStoreType
- javax.net.ssl.trustStore
- javax.net.ssl.trustStorePassword
- javax.ssl.net.trustStoreType
- os400.secureApplication
os400.certificateLabel
The keyring label that you want to use. JSSE uses this property only when you do not specify any of the following properties:
- javax.net.ssl.keyStore
- javax.net.ssl.keyStorePassword
- javax.net.ssl.trustStore
- javax.net.ssl.trustStorePassword
- javax.ssl.net.trustStoreType
- os400.secureApplication