[Version 5.0.2 and later]Encryption information configuration settings

Use this page to configure the encryption and decryption parameters.

The specifications listed on this page for the signature method, digest method, and canonicalization method are located in the World Wide Web Consortium (W3C) document entitled, XML Encryption Syntax and Processing: W3C Recommendation 10 Dec 2002.

To view this administrative console page, complete the following steps:

  1. Click Applications > Enterprise Applications > application_name.
  2. Under Related Items, click Web Module > URI_file_name > Web Services: Server Security Bindings.
  3. Under Response Sender Binding, click Edit > Encryption Information.
  4. If the encryption information is not available, select None.
  5. If the encryption information is available, select Dedicated Encryption Information.

Then, specify the configuration in the following fields:

Encryption Information Name
Specifies the name for the encryption information.
Key Locator Reference
Specifies the name used to reference the key locator.

To specify key locator references, click Servers > Application Servers > server_name. Under Additional Properties, click Web Services: Default bindings for Web Services Security > Key Locators.

Encryption Key Name
Specifies the name of the encryption key, which is resolved to the actual key by the specified key locator.
Key Encryption Algorithm
Specifies the algorithm URI of the key encryption method.

The following algorithms are supported:

By default the Java Cryptography Extension (JCE) is shipped with restricted or limited strength ciphers. To use 192-bit and 256- bit Advanced Encryption Standard (AES) encryption algorithms, you must apply unlimited jurisdiction policy files. Before downloading these policy files, back up the existing policy files (local_policy.jar and US_export_policy.jar in the jre/lib/security/ directory) prior to overwriting them in case you want to restore the original files later. To download the policy files, complete either of the following sets of steps:

After following either of these sets of steps, two Java Archive (JAR) files are placed in the JVM jre/lib/security/ directory.

Data Encryption Algorithm
Specifies the algorithm Uniform Resource Identifiers (URI) of the data encryption method.

The following algorithm is supported:

By default the JCE is shipped with restricted or limited strength ciphers. To use 192-bit and 256- bit AES encryption algorithms, you must apply unlimited jurisdiction policy files.


Related tasks
Securing Web services using XML encryption
Related reference
Encryption information collection
Key locator collection



Searchable topic ID:   uwbs_encryptrsb
Last updated: Jun 21, 2007 9:56:50 PM CDT    WebSphere Application Server for z/OS, Version 5.0.2
http://publib.boulder.ibm.com/infocenter/wasinfo/index.jsp?topic=/com.ibm.websphere.zseries.doc/info/zseries/ae/uwbs_encryptrsb.html

Library | Support | Terms of Use | Feedback