Secure socket layer(SSL) establishes a private communication channel between two parties by enabling encryption of the data during transmission. Each SSL certificate consist of a public key and a private key. The public key is used to encrypt information and the private key is used to decipher it. When a browser points to a
secured domain a SSL handshake authenticates the server and the client. And encryption method is established with a unique session key and secure transmission can begin. Every SSL certificate is created for a particular server in a specific domain for a verified business entity. When the SSL handshake occurs the browser requires authentication information from the server.
WebSphere Portal takes advantage of WAS and Http Server Infrastructure for most of the SSL needs. But you can configure portal for things like
- Use SSL for login process only
- Use SSL for login and protecting part of the portal such as all the authenticated pages i.e. /myportal/* URLs
- By default portal does not use SSL for either login or protecting any part of the portal