Use this page to view a list of
keystore objects that contain
trusted root certificates. These objects are used for certificate
path validation of incoming X.509-formatted security tokens. Keystore
objects within trust anchors contain trusted root certificates that
are used by the CertPath API to validate the trust of a certificate
chain.
This administrative console page applies only
to Java API for XML-based RPC (JAX-RPC) applications.
To create the keystore file, use the keytool
utility. The keytool utility is available using the QShell Interpreter.
To view this administrative console page for trust anchors
on the
server level, complete the following steps:
- Click .
- Under Security, click JAX-WS and JAX-RPC security runtime.
Mixed-version environment: In a mixed node cell with a server using Websphere
Application Server version 6.1 or earlier, click
Web services:
Default bindings for Web Services Security.
mixv
- Under
Additional properties, click Trust anchors.
To view this administrative console page for trust anchors
on the
application level,
- Click .
- Click .
- Under Web Services Security Properties, you can
access trust anchors information for the following bindings:
- For
the Response consumer (receiver) binding, click Web
services: Client security bindings. Under Response consumer
(receiver) binding, click Edit custom.
- For
the Request consumer (receiver) binding, click Web
services: Server security bindings. Under Request consumer
(receiver) binding, click Edit custom.
- Under Additional properties, you can access the
trust anchors information for the following bindings:
- For the
Response receiver binding, click Web services:
Client security bindings. Under Response receiver binding,
click Edit.
- For the Request receiver
binding, click Web services:
Server security bindings. Under Request receiver binding,
click Edit.
- Under Additional
properties, click Trust anchors.
If
you click
Update runtime, the Web Services
Security run time is updated with the default binding information,
which is contained in the
ws-security.xml file
that was previously saved. If you make changes on this panel, you
must complete the following steps:
- Save your changes by clicking Save at
the
top of the administrative console. When you click Save,
you are returned to the administrative console home panel.
- Return
to the Trust anchors collection panel and click Update
runtime. When you click Update runtime,
the configuration changes made to the other web services also are
updated in the Web Services Security run time.
Specifies the type of keystore file.
The value for this field is JKS, JCEKS, JCERACFKS (z/OS® only), JCE4758RACFKS (z/OS only), PKCS11KS
(PKCS11), or PKCS12KS (PKCS12).