For web services, you can use an X.509 certificate token for signing.
X.509 certificate token signing for outgoing SOAP message Integrity is supported in the following configurations:
Capability
Configured with a policy set and binding defining the message Integrity.
Signing is not supported with an external PDP such as TFIM or LDAP.