Encryption information configuration settings

Encryption information configuration settings

Use this page to configure the encryption and decryption parameters.

The specifications that are listed on this page for the signature method, digest method, and canonicalization method are located in the World Wide Web Consortium (W3C) document entitled, XML Encryption Syntax and Processing: W3C Recommendation 10 Dec 2002. To view this administrative console page, complete the following steps:

  1. Click Applications > Enterprise Applications > application_name and complete one of the following steps:

    • Under Related Items, click EJB modules or Web modules > URI_file_name > Web Services: Client Security Bindings . Under Request sender binding, click Edit. Under Additional properties, click Encryption Information .

    • Under Related Items, click EJB modules or Web modules > URI_file_name > Web Services: Server Security Bindings . Under Response sender binding, click Edit. Under Additional properties, click Encryption Information .

  2. Select None or Dedicated encryption information. WebSphere Application Server can have either one or no encryption configurations for the request sender and the response sender bindings. If you are not using encryption, select None . To configure encryption for either of these two bindings, select Dedicated encryption information and specify the configuration settings using the fields that are described in this article.

Encryption information name

The name of the key locator configuration that retrieves the key for XML digital signature and XML encryption.

Key locator reference

The name that is used to reference the key locator.

You can configure these key locator reference options on the cell level, the server level, and the application level. The configurations that are listed in the field are a combination of the configurations on these three levels. To configure the key locators on the cell level, complete the following steps:

  1. Click Security > Web services .

  2. Under Additional properties, click Key locators .
To configure the key locators on the server level, complete the following steps:

  1. Click Servers > Application servers > server_name.

  2. Under Security, click Web services: Default bindings for Web services security .

  3. Under Additional properties, click Key locators .
To configure the key locators on the application level, complete the following steps:

  1. Click Applications > Enterprise applications > application_name.

  2. Under Related items, click EJB modules > URI_name.

  3. Under Additional properties, you can access the key locators for the following bindings:

Encryption key name

The name of the encryption key that is resolved to the actual key by the specified key locator.

Data type String

Key encryption algorithm

The algorithm uniform resource identifier (URI) of the key encryption method. The following algorithms are supported:

By default, the Java Cryptography Extension (JCE) is shipped with restricted or limited strength ciphers. To use 192-bit and 256- bit Advanced Encryption Standard (AES) encryption algorithms, apply unlimited jurisdiction policy files.

[iSeries] For WebSphere Application Server for OS/400 and the IBM Java Developer Kit Version 1.4, no tuning of Web services security is required. The unrestricted jurisdiction policy files for the IBM Java Developer Kit 1.4 are automatically configured when the WebSphere Application Server for OS/400 prerequisite software products are installed.

Data encryption algorithm

The algorithm Uniform Resource Identifiers (URI) of the data encryption method. The following algorithms are supported:

By default, the JCE ships with restricted or limited strength ciphers. To use 192-bit and 256- bit AES encryption algorithms, apply unlimited jurisdiction policy files. For more information, see the Key encryption algorithm field description.

Related reference
Encryption information collection
Key locator collection


Searchable topic ID: uwbs_encryptrsb