The encryption information for the default consumer specifies
how to process the encryption information on the receiver side if
these bindings are not defined at the application level. WebSphere
Application Server provides default values for the bindings. However,
an administrator must modify the defaults for a production environment.
About this task
Complete the following steps to configure
the encryption information for the consumer binding on the server
level:
Procedure
- Access the default bindings for the server level.
- Click Servers > Application servers > server_name.
- Under Security, click Web services: Default bindings
for Web services security.
- Under Default consumer bindings, click Encryption information.
- Click New to create an encryption information configuration,
click Delete to delete an existing configuration, or click
the name of an existing encryption information configuration to edit
the settings. If you are creating a new configuration,
enter a unique name for the encryption configuration in the Encryption
information name field. For example, you might specify con_encinfo.
- Select a data encryption algorithm from the Data encryption
algorithm field. This algorithm is used to encrypt the
data. WebSphere Application Server supports the following pre-configured
algorithms:
Important: Your country of origin
might have restrictions on the import, possession, use, or re-export
to another country, of encryption software. Before downloading or
using the unrestricted policy files, you must check the laws of your
country, its regulations, and its policies concerning the import,
possession, use, and re-export of encryption software, to determine
if it is permitted.
The data encryption algorithm that you select for the consumer
side must match the data encryption algorithm that you select for
the generator side.
- Select a key encryption algorithm from the Key encryption
algorithm field. This algorithm is used to encrypt the
key. WebSphere Application Server supports the following pre-configured
algorithms:
If you select None, the key is not encrypted.
The
key encryption algorithm that you select for the consumer side must
match the key encryption algorithm that you select for the generator
side.
- Under Additional properties, click Key information references.
- Click New to create a key information configuration,
click Delete to delete an existing configuration, or click
the name of an existing key information configuration to edit the
settings. If you are creating a new configuration, enter
a unique name for the key information configuration in the name field.
For example, you might specify con_enckeyinfo.
- Select a key information reference from the Key information
reference field. This selection refers to the name of the
key information that is used for encryption. For more information,
see Configuring the key information for the consumer binding on the server level.
- Click OK and Save to save the configuration.
Results
You have configured the encryption information for the consumer
binding at the server level.
What to do next
You must specify a similar encryption information configuration
for the generator.