Configure HTTP outbound transport-level security using Java properties

This topic explains how to configure the HTTP outbound transport level security for a Web service using Java properties

 

Before you begin

This task is one of three ways that one can configure HTTP outbound transport-level security for a Web service that is acting as a client to another Web service. We can also configure the HTTP outbound transport level security with the administrative console or an assembly tool. However, one can also use this task to configure the HTTP outbound transport-level security for a Web service client.

 

Overview

If you choose to configure the HTTP outbound transport-level security with the administrative console or an assembly tool, the Web services security binding information is modified.

If you configure the HTTP outbound transport-level security using Java properties, the properties are configured as system properties. However, the configuration specified in the binding takes precedence over the Java properties.

One can configure the HTTP outbound transport-level security using WebSphere SSL properties or JSSE SSL properties. However, the WebSphere SSL properties take precedence over the JSSE SSL properties.

Configure the HTTP outbound transport-level security with the following steps provided in this task section.

 

Procedure

1. Create a property file that includes the following properties:

   com.ibm.ssl.protocol
   com.ibm.ssl.keyStoreType
   com.ibm.ssl.keyStore
   com.ibm.ssl.keyStorePassword
   com.ibm.ssl.trustStoreType
   com.ibm.ssl.trustStore
   com.ibm.ssl.trustStorePassword
   

2. Set the com.ibm.webservices.sslConfigURL Java system property to the absolute path of the created property file. If no WebSphere SSL properties are defined, the JSSE SSL properties are used. Set the JSSE SSL properties as JVM custom properties. See Using Java Secure Socket Extension and Java Cryptography Extension with servlets and enterprise bean files for more information about setting the JSSE SSL properties.

 

Result

You have configured the HTTP outbound transport-level security for a Web service acting as a client to another Web service.

 

What to do next

---

 

See Also

HTTP basic authentication

 

Related Tasks

Configuring Federal Information Processing Standard Java Secure Socket Extension files
Securing Web services for v5.x applications based on WS-Security

 

See Also

HTTP SSL Configuration collection

 

---