You can configure encryption information, used to specify
how the generators (senders) encrypt outgoing messages, for the request
generator (client side) and the response generator (server side) bindings
at the application level.
Before you begin
Configure the key information that is referenced by the key
information references in the encryption information panel.
About this task
This
task provides the steps that are needed for configuring encryption
information for the request generator (client side) and the response
generator (server side) bindings at the application level. This encryption
information is used to specify how the generators (senders) encrypt
outgoing messages.
Complete the following steps to configure
the encryption information for the request generator or response generator
section of the bindings file on the application level:
Procedure
- Locate the encryption information configuration panel in
the administrative console.
- Click Applications > Enterprise applications > application_name.
- Under Related Items, click EJB
Modules or Web Modules > URI_name.
- Under Additional properties,
you can access the key information for the request generator and response
generator bindings.
- For the request generator (sender) binding, click Web services:
Client security bindings. Under Request generator (sender) binding,
click Edit custom.
- For the response generator (sender) binding, click Web services:
Server security bindings. Under Response generator (sender) binding,
click Edit custom.
- Under Required properties, click Encryption information.
- Click New to create an encryption information
configuration. Click Delete to delete an existing configuration
or click the name of an existing encryption information configuration
to edit its settings. If you are creating a new configuration,
enter a name in the Encryption information name field. For
example, you might specify gen_encinfo.
- Select a data encryption algorithm from the Data encryption
algorithm field. The selection specifies the algorithm
that is used to encrypt parts of the message. WebSphere Application
Server supports the following pre-configured algorithms:
Important: Your country of origin
might have restrictions on the import, possession, use, or re-export
to another country, of encryption software. Before downloading or
using the unrestricted policy files, you must check the laws of your
country, its regulations, and its policies concerning the import,
possession, use, and re-export of encryption software, to determine
if it is permitted.
The data encryption algorithm that you select for the generator
side must match the data encryption method that you select for the
consumer side.
- Select a key encryption algorithm from the Key encryption
algorithm field. This selection specifies the algorithm
that is used to encrypt keys. WebSphere Application Server supports
the following pre-configured algorithms:
The key encryption algorithm that you select for the generator
side must match the key encryption method that you select for the
consumer side.
- Select an encryption key information reference from the
Encryption key information menu. This selection is a reference
to the encryption key that is used to encrypt parts of the message.
To configure the key information, see Configuring the key information using JAX-RPC for the generator binding on the application level.
- Select a part reference from the Part reference field.
This field specifies the name of the part reference for the
generator binding element in the deployment descriptor.
- Click OK and then click Save to save the
configuration.
Results
The encryption information is configured for the generator
binding at the application level.
What to do next
You must specify a similar encryption information configuration
for the consumer.