[Version 5.0.2 and later]Trust anchor configuration settings

Use this information to configure a trust anchor. Trust anchors point to key stores that contain trusted root or self-signed certificates. This information enables you to specify a name for the trust anchor and the information needed to access a key store. The application binding uses this name to reference a predefined trust anchor definition in the binding file (or the default).

To view this administrative console page, complete the following steps:

  1. Click Servers > Application Servers > server_name.
  2. Under Additional Properties, click Web Services: Default bindings for Web Services Security > Trust Anchors > New.

Trust Anchor Name
Specifies the unique name used by the application binding to reference a predefined trust anchor definition in the default binding.
Key Store Password
Specifies the password needed to access the key store file.
Key Store Path
Specifies the location of the keystore file.

Use ${USER_INSTALL_ROOT} as this path expands to the WebSphere Application Server path on your machine.

Key Store Type
Specifies the type of key store file.
Data type String
Default JKS
Range JKS, JCEKS, PKCS11, PKCS12, JCERACFKS (z/OS only) and JCE4758RACFKS (z/OS only)

You should specify:

JKS
If you are not using Java Cryptography Extensions (JCE).
JCEKS
If you are using Java Cryptography Extensions. Although the JCEKS key store format is more secure, it decreases performance.
JCERACFKS
If the certificates are stored in a SAF key ring (z/OS only).
JCE4758RACFKS
If private keys are stored in ICSF (z/OS only).
PKCS11KS (PKCS11)
If your keystore file uses the PKCS#11 file format. Keystore files that use this format might contain Rivest Shamir Adelman (RSA) keys on cryptographic hardware or might encrypt keys that use cryptographic hardware to ensure protection.
PKCS12KS (PKCS12)
If your keystore file uses the PKCS#12 file format.


Related concepts
Trust anchors
Related tasks
Configuring trust anchors using the administrative console
Configuring trust anchors using the Assembly Toolkit
Related reference
Trust anchors collection



Searchable topic ID:   uwbs_trstancn
Last updated: Jun 21, 2007 9:56:50 PM CDT    WebSphere Application Server for z/OS, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/uwbs_trstancn.html

Library | Support | Terms of Use | Feedback