Use this page to specify a list of certificate revocations that
check the validity of a certificate. The application server checks the certificate
revocation lists (CRL) to determine the validity of the client certificate.
A certificate that is found in a certificate revocation list might not be
expired, but is no longer trusted by the certificate authority (CA) that issued
the certificate. The CA might add the certificate to the certificate revocation
list if it believes that the client authority is compromised.
To view the administrative console panel
for the collection certificate store on the cell level, complete the following
steps:
- Click Security > Web services.
- Under additional properties, click Collection certificate store.
- Click the name of a configured collection certificate store or create
a new collection certificate store first.
- Under Additional properties, click Certificate revocation lists > New to
specify the path to a new list or click the name of a certificate revocation
list to modify its path.
To view the administrative console panel for the collection certificate
store on the server level, complete the following steps:
- Click Servers > Application servers > server_name.
- Under Security, click Web services: Default bindings for Web services
security.
- Under Additional properties, click Collection certificate store.
- Click the name of a configured collection certificate store or create
a new collection certificate store first.
- Under Additional properties, click Certificate revocation lists > New to
specify the path to a new list or click the name of a certificate revocation
list to modify its path.
To view this administrative console page for the collection certificate
store on the application level, complete the following steps:
- Click Applications > Enterprise applications > application_name.
- Click Manage modules > URI_name.
- Under Web Services Security Properties, you can access
collection certificate stores for the following bindings:
- For the Request generator, click Web services: Client security bindings.
Under Request generator (sender) binding, click Edit custom > Collection
certificate store.
- For the Request consumer, click Web services: Server security bindings.
Under Request consumer (receiver) binding, click Edit custom > Collection
certificate store.
- For the Response generator, click Web services: Server security bindings.
Under Response generator (sender) binding, click Edit custom > Collection
certificate store.
- For the Response consumer, click Web services: Client security bindings.
Under Response consumer (receiver) binding, click Edit custom > Collection
certificate store.
- Click the name of a configured collection certificate store or create
a new collection certificate store first.
- Under Additional properties, click Certificate revocation lists > New to
specify the path to a new list or click the name of a certificate revocation
list to modify its path.