Keys and certificates

Keys and certificates

This procedure documents how to define key and certificate bindings for JAX-WS Web services only.
These keys and certificates can be centrally managed by WAS ND or in an external keystore.

Default cell binding

Click...

Services | Policy sets | General provider policy set bindings | policy_name | WS-Security

...or...

Services | Policy sets | General client policy set bindings | policy_name | WS-Security

Click the Keys and certificates link in the Main message security policy bindings section.

For application specific bindings for tokens and message parts required by the policy set

Click Applications > Application Types > WebSphere enterprise apps .
Select an application that contains Web services. The application must contain a service provider or a service client.
Click the Service provider policy sets and bindings link or the Service client policy sets and bindings in the Web Services Properties section.
Select a binding. You must have previously attached a policy set and assigned a application specific binding.
Click the WS-Security policy in the Policies table.
Click the Keys and certificates link in the Main message security policy bindings section.

Depending on the assigned security role when security is enabled, we might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the appserver.

Settings

Key information – Name

Specifies the key information name. The key names listed in this field are links that are used to define key information attributes. Key information attributes define how cryptographic keys are generated or consumed.
Use the following buttons to work with this table:

Button Resulting Action
New Inbound... Creates a new inbound key information name.
New Outbound... Creates a new outbound key information name.
Delete Removes the selected key information name listing.

Key information – Type

Type of key information.

Key information – Direction

Whether the direction of the key is inbound or outbound. .

Certificate store – Name

Certificate store name. The certificate store names listed in this table are used to configure certificate stores.
Use the following actions to work with this table:

Button Resulting Action
New Inbound... Creates a new inbound certificate store.
New Outbound... Creates a new outbound certificate store.
Delete Removes the selected certificate store.

Certificate store – Direction

Whether the direction of the certificate store is inbound or outbound.

Trust anchor – Name

The trust anchor names in this table are links that are used to configure trust anchor certificate stores.
Use the following buttons to work with this table:

Button Resulting Action
New... Creates a new trust anchor entry.
Delete Removes the selected trust anchor.

Trust anchor – Keystore

Type of keystore for the trust anchor.

Subtopics

Key information settings
Certificate store settings
Trust anchor settings

Related tasks

Set policy set bindings
Manage policy sets

Related

SSL certificate and key management
Administrative roles
Policy set bindings settings

Button	Resulting Action
New Inbound...	Creates a new inbound key information name.
New Outbound...	Creates a new outbound key information name.
Delete	Removes the selected key information name listing.

Button	Resulting Action
New Inbound...	Creates a new inbound certificate store.
New Outbound...	Creates a new outbound certificate store.
Delete	Removes the selected certificate store.

Button	Resulting Action
New...	Creates a new trust anchor entry.
Delete	Removes the selected trust anchor.