Before you begin
Prior to completing this task, you must import your application into an assembly tool. For information on how to import your application, see Importing enterprise applications.Why and when to perform this task
This task describes the steps to specify the collection certificate store for the generator bindings at the application level using an assembly tool. A collection certificate store is a collection of non-root certificate authority (CA) certificates and certificate revocation lists (CRLs) that is used for validating an X.509 certificate embedded within the received SOAP message. The request generator is configured for the client and the response generator is configured for the server. On the generator side, a configuration for the collection certificate store is required only when you configure CRLs that are embedded in the PKCS#7 format. Complete the following steps to configure a collection certificate store for the generator. Specifying either the client-side bindings in step 2 or the server-side bindings in step 3.Steps for this task
You can use the USER_INSTALL_ROOT variable as part of the path name. For example, you might specify ${USER_INSTALL_ROOT}/etc/ws-security/samples/intca2.cer. However, do not use this X.509 certificate path for production use. Obtain your own X.509 certificate from a certificate authority before putting your WebSphere Application Server environment into production.
In the WebSphere Application Server administrative console, you can click Environment > WebSphere Variables to configure the USER_INSTALL_ROOT variable.
For portability reasons, it is recommended that you use the WebSphere Application Server variables to specify a relative path to the certificate revocation list. For example, you might use the USER_INSTALL_ROOT variable to define a path such as ${USER_INSTALL_ROOT}/mycertstore/mycrl. For a list of the supported variables in the WebSphere Application Server administrative console, click Environment > WebSphere Variables.
Related concepts
Collection certificate store
Related tasks
Configuring token generators with an assembly tool