Certificate store settings
To specify the location where certificates are stored. We can reference certificate revocation for service generators or consumers.
We can specify the location where certificates are stored when we are editing a default cell or server binding. We can also configure application specific bindings for tokens and message parts that are required by the policy set.
To view this admin console page when we are editing a default cell binding...
- Click Services > Policy sets > Default policy set bindings.
- Click the WS-Security policy in the Policies table.
- Click the Keys and certificates link in the Main message security policy bindings section.
- Click the certificate_store_name link in the Certificate store section.
To view this admin console page when we are configuring application specific bindings for tokens and message parts that are required by the policy set...
- Click Applications > Application Types > WebSphere enterprise apps .
- Select an application that contains Web services. The application must contain a service provider or a service client.
- Click the Service provider policy sets and bindings link or the Service client.policy sets and bindings in the Web Services Properties section.
- Select a binding. You must have previously attached a policy set and assigned a application specific binding.
- Click the WS-Security policy in the Policies table.
- Click the Keys and certificates link in the Main message security policy bindings section.
- Click the certificate_store_name link in the Certificate store section.
This admin console panel applies only to Java™ API for XML Web Services (JAX-WS) applications.
- Name
Name of the certificate store. The name field displays the name of the certificate store if we are editing a certificate store, or enter a name if we are creating a new certificate store.
- Revoked certificates – Full path
Specifies, in the Revoked certificates table, the paths for any certificates that are revoked. The Full Path column of this table lists any certificates that have been revoked.
We can add, edit, or remove these entries with the following buttons:
Button Resulting Action New Creates a revoked generator or consumer certificate store. Delete Removes the selected revoked generator or consumer certificate store. Edit Allows you to edit the applied entries selected in the checkbox. This button is only displayed if revoked certificates exist in the configuration.
- Intermediate X.509 certificates – Full Path
Specifies, for the consumer certificate store only, the paths for any intermediate X.509 certificates. The Full Path column of this table lists any intermediate X.509 certificate stores. This table is only displayed for the consumer version of this panel. It is not valid for generator certificate stores.
If the certificate store is outbound, the Intermediate X.509 certificates field is not displayed.
We can create, edit, or remove intermediate X.509 certificates with the following buttons:
Button Resulting Action New Creates an intermediate X.509 consumer certificate store. Delete Removes an intermediate X.509 consumer certificate store. Edit Allows you to edit the applied entries selected in the checkbox.
Related tasks
Set policy set bindings
Manage policy sets
Related
Application policy sets collection
Application policy set settings
Search attached applications collection
Policy set bindings settings
Keys and certificates