Skip to main content

Techdocs Library > White papers >

SSL Options in WebSphere for z/OS



Document Author:
Additional Author(s):

Mike Cox
Bill J Odonnell, Mike Loos, Rohith Ashok, Kenneth Morse, Michael Kearney


Document ID:

WP101213


Doc. Organization:

Advanced Technical Sales


Document Revised:

08/07/2013


Product(s) covered:

WebSphere Application Server for z/OS







Abstract: WebSphere for z/OS Version 6.1 underwent a major change in the way in which inbound IIOP and HTTP requests are handled by the WebSphere Application Server Control Region. Specifically, the native socket implementation which used System Secure Socket Layer (SSL) is no longer used; instead, the Channel Framework which is based upon Java Secure Socket Extension (JSSE) is now used. Note: The Daemon process continues to use System SSL as it does not contain a JVM.

This document presents different options for configuring JSSE in an Application Server with the intention of exploiting the cryptographic hardware associated with a z9 processor, specifically the Central Processor Assist for Cryptographic Functions (CPACF) instructions and the Crypto Express2 cards, when using with the Java5 hardware enabled cryptographic provider (IBMJCECCA) on z/OS.

assign_config.py
assign_config.py
create_config.py
create_config.py
WP101213.pdf
WP101213.pdf
V7 crypto instructions.pdf
V7 crypto instructions.pdf
V8 crypto instructions.pdf
V8 crypto instructions.pdf



Classification:

Hardware; Software

Category:

Security

Solution(s):

SOA Infrastructure



Platform(s):

IBM System z Family

S/W Pillar(s):

WebSphere

O/S:

z/OS

Keywords:

SSL, JSSE, crypto, 3DES, https, AES, RSA


The Techdocs Library
Is this your first visit to Techdocs (the Technical Sales Library)?

Learn more


Techdocs QuickSearch

: