Page tree

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.



One way of creating a simple, adequate WebSphere SSL configuration would be to create a new keystore entry under "SSL certificate and key management > Key stores and certificates" and point the path to the trust store of WebSphere's JVM, usually something like /opt/IBM/WebSphere/AppServer/java/8.0/jre/lib/security/cacerts, with password "changeit", and the type to "JKS".

Root certificates of in-house certificate authorities could then be added to this trust store, and the trust store then selected as the trust store of the default SSL configuration. No extra WebSphere related configuration settings are needed in this case.

Advanced SSL configuration Services can be configured to use a particular named SSL configuration, instead of using the default WebSphere configuration,  by setting ephox.http.websphere.ssl-config-name to the name of the SSL configuration in WebSphere.


All of WebSphere's SSL security configuration - including trust stores and certificates but also protocol, cipher settings etc. - can optionally be bypassed and the JVM's SSL configuration - including the JVM trust store with its certificates - be used instead by configuringephox.http.websphere.use-ssl-config=false

Simple setup for testing or pre-production environments

For use in evaluation or pre-production environments, all SSL security can be bypassed by both configuring ephox.http.websphere.use-ssl-config=false and