A collection certificate store is
a collection of
non-root, certificate authority (CA) certificates and certificate
revocation lists (CRLs). This collections of CA certificates and CRLs
are used to check the signature of a digitally signed SOAP message.
You can configure the server-side collection certificate store by
using an assembly tool.
About this task
Important: There is an important distinction
between Version 5.x and Version 6 and later applications. The
information in this article supports Version 5.x applications
only that are used with WebSphere® Application Server
Version 6.0.x and later. The information does not apply to
Version 6.0.x and later applications.
You can configure
the collection certificate either by using an assembly tool or by
using the WebSphere Application Server administrative
console. Complete the following steps to configure the server-side
collection certificate store using an assembly tool.
Procedure
- Start an assembly tool. For more information,
see the related information on Assembly Tools.
- Switch to the Java Platform,
Enterprise Edition (Java EE)
perspective. Click .
- Click .
- Right-click
the webservices.xml file,
select .
- Click
the Binding configurations tab in the web services
editor within the assembly tool. The Web Service Binding
Configuration window is displayed.
- Select
one of the web service description binding entries
under the Port Component Binding section.
- Expand
the section.
- Click Add to create a new
collection
certificate store, click Edit to edit an existing
certificate store, or click Remove to delete an existing certification
store.
- Enter a name in the Name field.
This name is referenced in the Certificate store
reference field in the Signing info dialog.
- Leave the Provider field as IBMCertPath.
- Click Add to enter the path
to your
certificate store. For example, the path might be: ${USER_INSTALL_ROOT]/etc/ws-security/samples/intca2.cer.
If you have additional certificate store paths, click Add to
add the paths.
- Click OK when
you finish adding
paths.