Keys and certificates
Use this page to link to key and certificate binding configuration panels. This panel defines key and certificate bindings for JAX-WS web services only. These keys and certificates can be centrally managed by the product or in an external keystore.
We can define key and certificate bindings for message parts when editing a default cell or server binding. We can also configure application specific bindings for tokens and message parts that are required by the policy set.
To view this administrative console page when editing a default cell binding...
- Click Services > Policy sets > General provider policy set bindings (for provider bindings), or Services > Policy sets > General client policy set bindings (for client bindings).
- Click the WS-Security policy in the Policies table.
- Click the Keys and certificates link in the Main message security policy bindings section.
To view this administrative console page when we are configuring application specific bindings for tokens and message parts that are required by the policy set...
- Click Applications > Application Types > WebSphere enterprise applications.
- Select an application containing web services. The application must contain a service provider or a service client.
- Click the Service provider policy sets and bindings link or the Service client policy sets and bindings in the Web Services Properties section.
- Select a binding. We must have previously attached a policy set and assigned a application specific binding.
- Click the WS-Security policy in the Policies table.
- Click the Keys and certificates link in the Main message security policy bindings section.
Depending on the assigned security role when security is enabled, you might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the application server.
Key information - Name
Specifies the key information name. The key names listed in this field are links used to define key information attributes. Key information attributes define how cryptographic keys are generated or consumed.
Use the following buttons to work with this table:
Button Resulting Action New Inbound Creates a new inbound key information name. New Outbound Creates a new outbound key information name. Delete Removes the selected key information name listing.
Key information - Type
Type of key information.
Key information - Direction
Specifies the whether the direction of the key is inbound or outbound. .
Certificate store - Name
Specifies the certificate store name. The certificate store names listed in this table are used to configure certificate stores.
Use the following actions to work with this table:
Button Resulting Action New Inbound Creates a new inbound certificate store. New Outbound Creates a new outbound certificate store. Delete Removes the selected certificate store.
Certificate store - Direction
Whether the direction of the certificate store is inbound or outbound.
Trust anchor - Name
Trust anchor name. The trust anchor names in this table are links used to configure trust anchor certificate stores.
We can use the following buttons to work with this table:
Button Resulting Action New Creates a new trust anchor entry. Delete Removes the selected trust anchor.
Trust anchor - Keystore
Type of keystore for the trust anchor.
Subtopics
- Key information settings
Use this page to configure the key information for the selected policy set binding. Key information attributes define how cryptographic keys are generated or consumed.
- Certificate store settings
Use this page to specify the location where certificates are stored. We can reference certificate revocation for service generators or consumers.
- Trust anchor settings
Use this page to specify the trust anchor configuration. These trust anchor certificates are used to validate the X.509 certificate embedded in the SOAP message.
Related tasks
Define and manage policy set bindings Manage policy sets using the administrative console
Policy set bindings settings Key information settings Certificate store settings Trust anchor settings SSL certificate and key management Administrative roles