+

Search Tips   |   Advanced Search

X.509 certificate settings


To specify a list of untrusted, intermediate certificate files. This collection certificate store is used for certificate path validation of incoming X.509-formatted security tokens.

To view the admin console panel for the collection certificate store on the cell level...

  1. Click Security > JAX-WS and JAX-RPC security runtime.

  2. Under additional properties, click Collection certificate store.

  3. Click the name of a configured collection certificate store or create a new collection certificate store first.

  4. Under Additional properties, click X.509 certificates.

  5. Specify a new X.509 certificate path by clicking New or by clicking the X.509 certificate path to modify its settings.

To view the admin console panel for the collection certificate store on the server level...

  1. Click Servers > Server Types > WebSphere application servers > server_name .

  2. Under Security, click JAX-WS and JAX-RPC security runtime.

    In a mixed node cell with a server using Websphere Application Server version 6.1 or earlier, click Web services: Default bindings for WS-Security

  3. Under Additional properties, click Collection certificate store.

  4. Click the name of a configured collection certificate store or create a new collection certificate store first.

  5. Under Additional properties, click X.509 certificates.

  6. Specify a new X.509 certificate path by clicking New or by clicking the X.509 certificate path to modify its settings.

To view this admin console page for an X.509 certificate on the application level...

  1. Click Applications > Application Types > WebSphere enterprise apps > application_name.

  2. Under Modules, click Manage modules > URI_name.

  3. Under WS-Security Properties, we can access collection certificate stores for the following bindings:

  4. Under Additional properties, we can access the collection certificate stores for the following bindings.

  5. Click the name of a configured collection certificate store or create a new collection certificate store first.

  6. Under Additional properties, click X.509 certificates.

  7. Specify a new X.509 certificate path by clicking New or click the X.509 certificate path to modify its settings.

X.509 Certificate Path

Absolute path to the location of the X.509 certificate.

As shown in the following example, we can use the USER_INSTALL_ROOT variable as part of the path name: {USER_INSTALL_ROOT}/etc/ws-security/samples/intca2.cer. This X.509 certificate path is not for production use. Obtain our own X.509 from a certificate authority before putting the appserver environment into production.

Configure the USER_INSTALL_ROOT variable in the admin console by clicking Environment > WebSphere Variables.





 

Related tasks


Set the collection certificate store for the generator binding on the application level

 

Related


X.509 certificates collection
Collection certificate store collection
Collection certificate store settings