Use this page
to specify a list of untrusted, intermediate
certificate files. This collection certificate store is used for certificate
path validation of incoming X.509-formatted security tokens.
To view the administrative console page for the collection certificate
store on the server level, complete the following steps:
- Click .
- Under Security, click JAX-WS and JAX-RPC security runtime.
Mixed-version environment: In a mixed node cell with a server using Websphere
Application Server version 6.1 or earlier, click
Web services:
Default bindings for Web Services Security.
mixv
- Under
Additional properties, click Collection certificate
store.
- Click the name of a configured collection
certificate store or
create a new collection certificate store first.
- Under Additional
properties, click X.509 certificates.
- Specify
a new X.509 certificate path by clicking New or
by clicking the X.509 certificate path to modify its settings.
To view this administrative console page for an X.509 certificate
on the application level, complete the following steps:
- Click .
- Under Modules, click .
- Under Web Services Security Properties, you can access collection
certificate stores for the following bindings:
- For the Request
generator, click Web services: Client
security bindings. Under Request generator (sender) binding,
click .
- For the Request
consumer, click Web services: Server
security bindings. Under Request consumer (receiver) binding,
click .
- For the Response
generator, click Web services: Server
security bindings. Under Response generator (sender) binding,
click .
- For the Response
consumer, click Web services: Client
security bindings. Under Response consumer (receiver)
binding, click .
- Click the name of a configured collection certificate store or
create a new collection certificate store first.
- Under Additional
properties, click X.509 certificates.
- Specify
a new X.509 certificate path by clicking New or
click the X.509 certificate path to modify its settings.
Specifies
the absolute path to the location of the X.509
certificate.
As shown in the following example,
you can use the USER_INSTALL_ROOT
variable as part of the path name: {USER_INSTALL_ROOT}/etc/ws-security/samples/intca2.cer.
This X.509 certificate path is not for production use. Obtain your
own X.509 from a certificate authority before putting your application
server environment into production.
You can configure the USER_INSTALL_ROOT
variable in the administrative
console by clicking .