WebSphere Application Server Network Deployment, Version 6.0.x   Operating Systems: AIX, HP-UX, Linux, Solaris, Windows
             [TIP: Focusing the table of contents and search results]

Configuring the client-side collection certificate store using an assembly tool

You can configure the client-side collection certificate store using the assembly tool.

About this task

Important: There is an important distinction between Version 5.x and Version 6 and later applications. The information in this article supports Version 5.x applications only that are used with WebSphere Application Server Version 6.0.x and later. The information does not apply to Version 6 and later applications.

A collection certificate store is a collection of non-root, certificate authority (CA) certificates and certificate revocation lists (CRLs). This collection of CA certificates and CRLs are used to check the signature of a digitally signed SOAP message.

You can configure the collection certificate either by using an assembly tool or the WebSphere Application Server administrative console. Complete the following steps to configure the client-side collection certificate store using the assembly tool.

Procedure

  1. Launch an assembly tool. For more information on the assembly tools, see Assembly tools
  2. Switch to the Java 2 Platform, Enterprise Edition (J2EE) perspective. Click Window > Open Perspective > J2EE.
  3. Click Application Client projects > application_name > appClientModule > META-INF
  4. Right-click the application-client.xml file, select Open with > Deployment Descriptor Editor, and click the WS Binding tab. The Client Deployment Descriptor is displayed.
  5. Click the Port binding tab in deployment descriptor editor within the assembly tool. The Web services client port binding window is displayed.
  6. Select one of the Port qualified name binding entries.
  7. Expand the Security response receiver binding configuration > certificate store list > Collection certificate store section.
  8. Click Add to create a new collection certificate store, click Edit to edit an existing certificate store, or click Remove to delete an existing certificate store.
  9. Enter a name in the Name field. This name is referenced in the Certificate store reference field in the Signing info dialog box.
  10. Leave the Provider field as IBMCertPath.
  11. Click Add to enter the path to your certificate store. For example, the path might be: ${USER_INSTALL_ROOT}/etc/ws-security/samples/intca2.cer. If you have additional certificate store paths, click Add to add the paths.
  12. Click OK when you finish adding paths.



Related concepts
Assembly tools
Related tasks
Configuring the server-side collection certificate store using an assembly tool
Configuring the client-side collection certificate store using the administrative console
Configuring default collection certificate stores at the server level in the WebSphere Application Server administrative console
Securing Web services for Version 5.x applications using XML digital signature
Task topic    

Terms of Use | Feedback

Last updated: Mar 8, 2007 8:14:28 PM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v6r0/index.jsp?topic=/com.ibm.websphere.nd.doc/info/ae/ae/twbs_confclcertclastk.html

© Copyright IBM Corporation 2004, 2006. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)