Java Secure Socket Extension IBMJSSE2 Overview

(Updated May, 2012)

Table of Contents


The Java Secure Socket Extension (JSSE2) is a Java package that enables secure Internet communications. It implements a Java version of SSL (Secure Sockets Layer) and TLS (Transport Layer Security) protocols and includes function for data encryption, server authentication, message integrity, and optional client authentication.

By abstracting the complex underlying security algorithms and "handshaking" mechanisms, JSSE2 minimizes the risk of creating subtle but dangerous security vulnerabilities. Furthermore, it simplifies application development by serving as a building block which developers can integrate directly into their applications. Using JSSE2, developers can provide for the secure passage of data between a client and a server running any application protocol (such as HTTP, Telnet, NNTP, and FTP) over TCP/IP.

Online documentation and samples

To download a copy of the documentation for the IBMJSSE2 provider, see the Security documentation on developerWorks. In addition to this cross platform information, z/OS specific information for JSSE2 can be found in the z/OS JSSE Reference Guide.


The z/OS version of JSSE2 does NOT provide support for PKCS11.

IBMJSSE2 uses keytool rather than iKeyman to create, import, etc. keys and certificates. keytool can create certificate requests for, and import certificates from the gskkyman utility provided

keytool is shipped as part of Java and is located in the directory: $(java_home)/bin

where: $(java_home) is the directory where the Java SDK is installed.

Browse z/OS