Transport layer security and secure sockets layer

Administration guide > Secure the deployment environment

Transport layer security and secure sockets layer

WebSphere eXtreme Scale supports both TCP/IP and Transport Layer Security/Secure Sockets Layer (TLS/SSL) for secure communication between clients and servers.

Enable transport security for Sun JDK

WebSphere eXtreme Scale requires IBM Java™ Secure Sockets Extension (IBMJSSE) or the IBM Java Secure Sockets Extension 2 (IBMJSSE2). The IBMJSSE and IBMJSSE2 providers contain a reference implementation supporting SSL and Transport Layer Security (TLS) protocols and an application programming interface (API) framework.
The pure Sun JDK doesn't ship the IBM JSSE and IBM JSSE2 providers, therefore transport security cannot be enabled with a Sun JDK. In order to make this work, a Sun JDK shipped with WAS is required. The WAS shipped Sun JDK contains the IBM JSSE and IBM JSSE2 providers.
Read about configuring an Object Request Broker to be able to use a non-IBM JDK for WebSphere eXtreme Scale. If -Djava.endorsed.dirs is configured, it points to both the objectgridRoot/lib/endorsed and the JRE/lib/endorsed directories. The directory objectgridRoot/lib/endorsed is required so the IBM ORB is used, and the directory JRE/lib/endorsed is required to load the IBM JSSE and IBM JSSE2 providers.
Use the security tutorial to configure the required SSL properties, to create keystores and truststores, and to start secure servers in WebSphere eXtreme Scale.

Configure secure transport types
Transport layer security (TLS) provides secure communication between the client and server. The communication mechanism that is used depends on the value of the transportType parameter that is specified in the client and server configuration files.

Configure the orb.properties file for transport security support
If you are using a stand-alone environment, modify the orb.properties file to include additional properties.

Configure SSL parameters for clients or servers
How you configure SSL parameters varies between clients and servers.

Parent topic:
Secure the deployment environment

Related concepts

Security integration with WAS
Data grid authentication
Data grid security
Application client authentication
Application client authorization
Java Management Extensions (JMX) security
Security integration with external providers

Related tasks

Enable local security
Start and stop secure servers
Secure the REST data service
Troubleshoot security

Related reference

Security descriptor XML file
objectGridSecurity.xsd file

Related information

Tutorial: Integrate WebSphere eXtreme Scale security with WAS
Tutorial: Integrate WebSphere eXtreme Scale security in a mixed environment with an external authenticator

+
Search Tips | Advanced Search