Invoke web services over HTTPS

The Web services gateway can invoke web services that include https:// in their addresses, if the Java and WebSphere security properties have been configured to allow it. This means that one Gateway can send a SOAP/HTTPS message direct to another Gateway, rather than having to export services and have clients invoke them using HTTPS.

To enable your Gateway to send and receive SOAP/HTTPS messages, confirm that your Java and WebSphere security properties are configured as described in the following steps:

1. Check that there is a copy of file ibmjsse.jar in directory WAS_root/java/jre/lib/ext (where WAS_root is the root directory for your installation of IBM WAS).
2. Edit the security properties file WAS_root/java/jre/lib/security/java.security so that it includes entries for both the Sun security provider and the IBM security provider. For example:

   security.provider.1=sun.security.provider.Sun
   security.provider.2=com.ibm.jsse.IBMJSSEProvider

   Note: The order is significant. The Sun security provider must come before the IBM provider.

3. Use the WAS Administative Console to set up the following equivalent system properties:

    // truststore location
   System.setProperty("javax.net.ssl.trustStore","your_truststore_root_directory/TestSSL/key.jks");
   // set truststore password
   System.setProperty("javax.net.ssl.trustStorePassword","your_truststore_password");
   //use ibm reference implementation
   System.setProperty("java.protocol.handler.pkgs","com.ibm.net.ssl.internal.www.protocol");