You can enable individual Web service applications to use
cryptographic keys stored in hardware devices in Web Services Security.
Procedure
- In the administrative console, click Servers > Server
types > WebSphere® application servers and then
select the server name.
- Under Security, click JAX-WS and JAX-RPC security
runtime.
- Under Additional properties, click key locators.
- Select the key locator name.
- Under Key store, specify the name of the keystore
configuration.
If the keystore reference is specified
to a hardware device configuration, the Web Services Security runtime
first attempts to obtain the cryptographic algorithm from the hardware
device. If the hardware device is not supported or if it fails, the
runtime for Web services security obtains the cryptographic algorithm
from the security providers list. Read about creating a keystore configuration
for a preexisting keystore file for more information about how to
create the name of a keystore configuration.
- Click OK.
Results
If the name of the keystore reference is a Java™ keystore
file, a hardware acceleration device that is configured at the application
server level (ws-security.xml) will be used for cryptographic
operations.