InfoCenter Home >
4: Developing applications >
4.8: Web services - an overview >
4.8.4: Securing SOAP services >
4.8.4.2: SOAP signature components >
4.8.4.2.1: Keystore files for testing purposes

4.8.4.2.1: Keystore files for testing purposes

Two keystore files, (SOAPserver and SOAPclient), are available for testing purposes. These files are located in directory:

product_installation_root/installedApps/soapsamples.ear/soapsec.war/key
This article describes the certificates that are stored in these two keystore files.

File nameStore passwordDescription
SOAPserverserverThis keystore is used by a service provider.
SOAPclientclientThis keystore is used by a service requester.

Common Certificate Authority certificates

The following three certificates are commonly stored in both keystore files.

AliasIssuerDescription
soapcasoapca itselfThe certificate of the root Certificate Authority (CA) used for testing purposes.
intca1soapcaThe certificate of the CA to issue SSL-related certificates.
intca2soapcaThe certificate of the CA to issue SOAP-DSIG-related certificates.

Certificates for service providers

The following two certificates are stored in the SOAPserver keystore.

AliasIssuerDescription
sslserverintca1This is the certificate of the SSL server. This is also stored in the SOAPclient keystore as a trusted certificate. The PKCS12 file including the corresponding private key for this certificate is sslserver.p12.
soapproviderintca2This certificate might be used by a service provider to digitally sign its response message. The key password is "server".

Certificates for service requesters

The following three certificates are stored in the SOAPclient keystore.

AliasIssuerDescription
sslclientintca1This certificate might be used for the SSL client authentication. The key password is "client".
sslserverintca1This is the certificate of the trusted SSL server and the same as the one stored in the SOAPserver keystore. The PKCS12 file, including the corresponding private key for this certificate, is sslserver.p12.
soaprequesterintca2This certificate might be used by a service requester to digitally sign its request message. The key password is "client".

Go to previous article: SOAP signature components Go to next article: Envelope Editor

 

 
Go to previous article: SOAP signature components Go to next article: Envelope Editor