Network Deployment (Distributed operating systems), v8.0 > Secure applications and their environment > Secure web services > Secure web services > Web Services Security concepts > Web Services Security concepts for v5.x applications
Collection certificate store
A collection certificate store is a collection of non-root, certificate authority (CA) certificates and certificate revocation lists (CRLs). This collection of CA certificates and CRLs is used to check the signature of a digitally signed SOAP message.There is an important distinction between v5.x and Version 6.0.x applications. The information in this article supports Version 5.x applications only that are used with WAS v6.0.x and later. The information does not apply to Version 6.0.x applications.
The collection certificate stores are used when processing a received SOAP message. This collection is configured in the securityRequestReceiverBindingConfig section of the binding file for servers and in the securityResponseReceiverBindingConfig section of the binding file for clients.
A collection certificate store is one kind of certificate store. A certificate store is defined as javax.security.cert.CertStore in the Java CertPath API. The Java CertPath API defines the following types of certificate stores:
Collection certificate store
A collection certificate store accepts the certificates and CRLs as Java collection objects.
LDAP certificate store
The LDAP certificate store accepts certificates and CRLs as LDAP entries. The CertPath API uses the certificate store and the trust anchor to validate the incoming X.509 certificate that is embedded in the SOAP message.The Web Services Security implementation in the WAS supports the collection certificate store. Each certificate and CRL is passed as an encoded file. This configuration is done using either the admin console or by scripting.
Trust anchors
Secure web services for v5.x applications using XML digital signature