GlobalSecurity SSL - cws-khuntly/WebSphere GitHub Wiki

date: 2025-05-08 12:55:30 created: 2025-05-08 12:55:20 categories:

  • WebSphere / Server Build / Deployment Manager / Configuration / Global Security

Global Security - SSL

Login to the ISC

Navigate to Global Security -> SSL certificate and key management

Select SSL configurations

For each SSL configuration entry, perform the following steps:

Select the configuration entry

Click "Custom properties"

Add the following custom property:

 - Name: com.ibm.ssl.verifyHostname

 - Value: true

Save changes

Configure SSL Certificate monitoring

Global Security -> SSL certificate and key management

Select "Manage certificate expiration"

Select "Notifications"

Click "New"

 - Notification name: SSL Certificate Notifications

 - Check "Email sent to notification list"

 - Email address to add: [email protected]

 - Outgoing mail (SMTP) server: smtp.cwsna.com

 - Click "Add"

 - Click "OK"

Update QoP settings

Global Security -> SSL certificate and key management -> SSLconfigurations

Click "CellDefaultSSLSettings"

Click "Quality of protection (QoP) settings"

 - In the "Protocol" section, select "Predefined protocols", and select "SSL_TLSv2"

 - Click "OK"

Click "NodeDefaultSSLSettings" for each federated node

Click "Quality of protection (QoP) settings"

 - In the "Protocol" section, select "Predefined protocols", and select "SSL_TLSv2"

 - Click "OK"

Save changes

Navigate to System Adminstration -> Nodes

Select all nodes and click "Full Resynchronize"

⚠️ **GitHub.com Fallback** ⚠️