Page History

...

Following is an example of JSM manager.properties file:

...

...

    #
    # Java Service Manager configuration

...

    #
    # javax.net.ssl.keyStore=

...

    # javax.net.ssl.keyStoreType=jks

...

    # javax.net.ssl.keyStorePassword=

...

    # javax.net.ssl.trustStore=

...

    # javax.net.ssl.trustStoreType=jks

...

    # javax.net.ssl.trustStorePassword=

...

    # javax.net.debug=all

...

    # javax.net.debug=ssl,handshake,data,trustmanager

...

    #

Java Trust/Key Store

By default, IBM Technology for Java JDK's use the cacerts trust/key store file.

...

The cacerts file is located in one of the following directories.

...

    /QOpenSys/QIBM/ProdData/JavaVM/jdk50/32bit/jre/lib/security

...

    /QOpenSys/QIBM/ProdData/JavaVM/jdk50/64bit/jre/lib/security

...

    /QOpenSys/QIBM/ProdData/JavaVM/jdk60/32bit/jre/lib/security

...

    /QOpenSys/QIBM/ProdData/JavaVM/jdk60/64bit/jre/lib/security

...

    /QOpenSys/QIBM/ProdData/JavaVM/jdk70/32bit/jre/lib/security
 

...

   /QOpenSys/QIBM/ProdData/JavaVM/jdk70/64bit/jre/lib/security

...

    /QOpenSys/QIBM/ProdData/JavaVM/jdk80/32bit/jre/lib/security

...

    /QOpenSys/QIBM/ProdData/JavaVM/jdk80/64bit/jre/lib/security

SSL Client Authentication on the Client

...

If the server is configured for client authentication then after the client has authenticated the server, the server requests the client's certificate.

...

    <VirtualHost 10.2.0.170>

...

      Options None

...

      ServerName SERVER1

...

      SSLEngine On

...

      SSLClientAuth required

...

      SSLAppName QIBM_HTTP_SERVER_JSMSSL

...

    </VirtualHost>

The client then sends its signed certificate, and the server performs the same authentication process as the client did, comparing the client certificate to a library of existing certificates.

...