Configure HTTP outbound transport level security
The HTTP outbound transport-level security for a Web service is based on the SSL configuration of the WAS Web container.
To configure HTTP outbound transport-level security...
- Use either the WAS administrative console or the Assembly Toolkit to configure the HTTP outbound transport-level security for a Web Service acting as a client to another Web service.
- Use the Assembly Toolkit to configure the HTTP SSL Configuration in the Web Services Client Port Binding page, which is available by clicking webservicesclient.xml file.
- After installing the Web services application, use the administrative console to configure the Web services client security binding collection. To access the collection...Applications | Enterprise Applications | Web Modules or EJB Modules | URI Name | Web Services: Client Security Bindings.
If the HTTP outbound transport-level security settings are not configured, the default SSL settings for the JSSE file are used.
- Use the properties to configure the HTTP outbound transport-level security for a Web service client.
- Create a property file that includes the following properties...com.ibm.ssl.protocol com.ibm.ssl.keyStoreType com.ibm.ssl.keyStore com.ibm.ssl.keyStorePassword com.ibm.ssl.trustStoreType com.ibm.ssl.trustStore com.ibm.ssl.trustStorePassword
- Set the com.ibm.webservices.sslConfigURL Java system property to the absolute path of the created property file.
If the outbound transport-level security is not configured, the default SSL settings of the JSSE file are used.
- (Optional) Accept the redirection of HTTP request to a different URI in HTTPS.A redirection of the HTTP request to a different URI in HTTPS can occur if the transport guarantee of CONFIDENTIAL or INTEGRAL is configured in the application. To accept the redirection, you can do either of the following tasks...