Use this page to specify the binding configuration for receiver
response messages for Web services security.
- Signing Information
- Specifies the configuration for the signing parameters. Signing
information is used to sign and to validate parts of the message including
the body and the time stamp.
You can also use these parameters for X.509 validation when the authentication
method is IDAssertion and the ID type is X509Certificate in
the server-level configuration. In such cases, you must fill in the certificate
path fields only.
- Encryption Information
- Specifies the configuration for the encryption and decryption parameters.
Encryption information is used for encrypting and decrypting various parts
of a message, including the body and the user name token.
- Trust Anchors
- Specifies a list of key store objects that contain the trusted
root certificates that are self-signed or issued by a certificate authority.
The certificate authority authenticates a user and issues a certificate.
After the certificate is issued, the key store objects, which contain these
certificates, use the certificate for certificate path or certificate chain
validation of incoming X.509-formatted security tokens.
- Collection Certificate Store
- Specifies a list of the untrusted, intermediate certificate files.
The collection certificate store contains a chain of untrusted, intermediate
certificates.The CertPath API attempts to validate these certificates, which
are based on the trust anchor.
- Key Locators
- Specifies a list of key locator objects that retrieve the keys
for a digital signature and encryption from a key store file
or a repository. The key locator maps a name or logical name to an alias or
maps an authenticated identity to a key. This logical name is used to locate
a key in a key locator implementation.