Trust anchors collection
Keystore objects contain trusted root certificates. These objects are used for certificate path validation of incoming X.509-formatted security tokens. Keystore objects within trust anchors contain trusted root certificates used by the CertPath API to validate the trust of a certificate chain.
To create the keystore file, use the key tool located in...$WAS_HOME/java/jre/bin/keytool
To manipulate keystore objects...Servers | Application Servers | server | Web Services: Default bindings for Web Services Security | Trust Anchors
Click New to create a new trust anchor.
Click Delete to delete a trust anchor.
If you click Update runtime, the Web services security run time is updated with the default binding information, which is contained in the ws-security.xml file that was previously saved. If you make changes on this panel, complete the following steps...
- Save your changes by clicking Save at the top of the administrative console. When you click Save, you are returned to the administrative console home panel.
- Return to the Trust Anchors collection panel and click Update runtime. When you click Update runtime, the configuration changes made to the other Web services also are updated in the Web services security run time.
Trust Anchor Name Specifies the unique name used to identify the trust anchor.
Key Store Path Specifies the location of the keystore file that contains the trust anchors.
Key Store Type Specifies the type of keystore file.
The value for this field is either JKS or JCEKS.
See AlsoTrust anchors
Configuring trust anchors using the administrative console
Configuring trust anchors using the Assembly Toolkit
Trust anchor configuration settings