This example illustrates how you might configure EAServer to use JSSE:
Configuring JSSE and adding an HTTPS listener
From the Web Management Console, expand the Servers folder.
Expand the server for which you are configuring JSSE.
Select the JSSE Configuration tab.
Modify these properties:
SSL Key Store and SSL Trust Store – point to the keystore file named keystore.jks.
SSL Key Store Type and SSL Trust Store Type – JKS.
SSL Key Store Password – changeit.
SSL Trust Store Password – changeit, if you are using default trust store that ships with the JDK.
FIPS Mode Enabled – select this option.
There are four entries in the keystore.jks file, one of which is a key entry used to start an SSL listener.
Specify a key entry name for the associated profile.
Create a new security profile that uses a TLS security characteristic:
From the Security folder, right-click Profiles and select Add.
Follow the wizard to create a new security profile using these values:
Security Profile Name – test_tls.
Certificate Label – use keytool commands to identify a label. For example:
keytool -list -keystore ${keystore}
You can see keyentry and any associated alias. Use the desired entry name as the certificate label.
Security Characteristics – select domestic_tls from the drop-down list.
Click Apply to apply your changes.
Define an HTTPS listener:
From the Servers folder, expand the server to which you are adding the listener.
Select the Listeners properties tab and click https1.
Select the General tab and add an HTTPS listener at port 8001 using these settings:
Protocol – https
Port – 8001
Security Profile – test_tls
Click Apply to apply your changes.
Add the listener to the listener properties.
