Web Services - Trust anchor configuration settings

Web Services - Trust anchor configuration settings

+
Search Tips | Advanced Search

Use this information to configure a trust anchor. Trust anchors point to keystores that contain trusted root or self-signed certificates. This information enables you to specify a name for the trust anchor and the information that is needed to access a keystore. The application binding uses this name to reference a predefined trust anchor definition in the binding file (or the default).
To view this administrative console page for trust anchors on the cell level, complete the following steps:

Click...
Security | Web services | Trust anchors

Click New to create a trust anchor or click the name of an existing configuration to modify its settings.

To view this administrative console page for trust anchors on the server level...

Click...
Servers | Application servers | servername | Security | Web services: Default bindings for Web services security | Additional properties | Trust anchors

Click New to create a trust anchor or click the name of an existing configuration to modify its settings.

To view this administrative console page for trust anchors on the application level,

Click...
Applications | Enterprise applications | appname | EJB modules or Web modules | URI_name

Under Additional properties, one can access trust anchors information for the following bindings:

For the Response consumer (receiver) binding, click...
Web services: Client security bindings | Response consumer (receiver) binding | Edit custom

For the Request consumer (receiver) binding, click...
Web services: Server security bindings | Request consumer (receiver) binding | Edit custom

Under Additional properties, one can access the trust anchors information for the following bindings:

For the Response receiver binding, click...
Web services: Server security bindings | Response receiver binding | Edit

For the Request receiver binding, click...
Web services: Server security bindings | Request receiver binding | Edit

Under Additional properties, click Trust anchors.
Click New to create a trust anchor or click the name of an existing configuration to modify its settings.

Trust anchor name

Specifies the unique name that is used by the application binding to reference a predefined trust anchor definition in the default binding.

Key store password

Specifies the password that is needed to access the key�store file.

Key store path

Specifies the location of the keystore file.
Use ${USER_INSTALL_ROOT} as this path expands to the WebSphere Application Server path on your machine.

Key store type

Specifies the type of keystore file.
Choose from the following options:

JKS

Use this option if you are not using Java Cryptography Extensions (JCE).

JCEKS

Use this option if you are using Java Cryptography Extensions.

PKCS11KS (PKCS11)

Use this format if your keystore uses the PKCS#11 file format. Keystores that use this format might contain Rivest Shamir Adleman (RSA) keys on cryptographic hardware or might encrypt keys that use cryptographic hardware to ensure protection.

PKCS12KS (PKCS12)

Use this option if your keystore uses the PKCS#12 file format.

Default JKS
Range JKS, JCEKS, PKCS11KS (PKCS11), PKCS12KS (PKCS12)

Default	JKS
Range	JKS, JCEKS, PKCS11KS (PKCS11), PKCS12KS (PKCS12)