Use this page to configure new signing parameters.
The specifications that are listed on this page for the signature method, digest method, and canonicalization method are located in the World Wide Web Consortium (W3C) document entitled, XML Signature Syntax and Specification: W3C Recommendation 12 Feb 2002.
Specifies the name that is assigned to the signing configuration.
Specifies the algorithm Uniform Resource Identifiers (URI) of the signature method.
When you specify the Algorithm URI, you also must specify an algorithm type. To have the algorithm display as a selection in the Signature method field on the Signing information panel, you must select Signature as the algorithm type.
This field is available for Version 6.0.x.x applications and for the request receiver and response receiver bindings for Version 5.x applications.
Specifies the algorithm URI of the digest method.
The http://www.w3.org/2000/09/xmldsig#sha1 algorithm is supported.
This field is available for the request receiver and response receiver bindings for Version 5.x applications.
Specifies the algorithm URI of the canonicalization method.
This field is for Version 6.0.x.x applications and for the request receiver and response receiver bindings for Version 5.x applications.
Specifies how to sign a KeyInfo element if dsigkey or enckey is specified for the signing part in the deployment descriptor.
The Key information signature type field is available for the token consumer binding.
For Version 6.0.x.x applications, the field is also available
for the default consumer, request consumer, and response consumer bindings.
Specifies a reference to the key information that WebSphere Application Server uses to generate the digital signature.
You can specify one signing key only for the default generator, request generator, and response generator bindings on the cell level and the server level. However, you can specify multiple signing keys for the default consumer, request consumer, and response consumer bindings. The signing keys for the default consumer, request consumer, and response consumer bindings are specified using the Key Information references link under Additional properties on the Signing information panel.
On the application level, you can specify only one signing key for the request generator and the response generator. You can specify multiple signing keys for the request consumer and response generator. The signing keys for the request consumer and the response consumer are specified using the Key information references link under Additional properties.
Binding name | Cell level, server level, or application level | Path |
---|---|---|
Default generator binding | Cell level |
|
Default consumer binding | Cell level |
|
Default generator binding | Server level |
|
Default consumer binding | Server level |
|
Specifies the settings for the certificate path validation. When you select Trust any, this validation is skipped and all incoming certificates are trusted.
The certificate path options are available on the application level.
Trust anchor
WebSphere Application Server searches for trust anchor configurations on the application and server levels and lists the configurations in this menu.
In a Network Deployment environment, WebSphere Application Server also searches the cell level for trust anchor configurations.
You can specify trust
anchors as an additional property for the response receiver binding and the
request receiver binding.
Binding name | Cell level, server level, or application level | Path |
---|---|---|
Default generator binding | Cell level |
|
Default consumer binding | Cell level |
|
Default generator binding | Server level |
|
Default consumer binding | Server level |
|
Response receiver | Application level for Version 5.x applications |
|
Request receiver | Application level for Version 5.x applications |
|
For an explanation of the fields on the trust anchor panel, see Trust anchor configuration settings.
Certificate store
WebSphere Application Server searches for certificate store configurations on the application and server levels and lists the configurations in this menu.
In a Network Deployment environment, WebSphere Application Server also searches the cell level for certificate store configurations.
Binding name | Cell level, server level, or application level | Path |
---|---|---|
Default generator binding | Cell level |
|
Default consumer binding | Cell level |
|
Default generator binding | Server level |
|
Default consumer binding | Server level |
|
Response receiver | Application level for Version 5.x applications |
|
Request receiver | Application level for Version 5.x applications |
|
For an explanation of the fields on the collection certificate store panel, see Collection certificate store configuration settings.
Related reference
Signing information collection
Trust anchor configuration settings
Collection certificate store configuration settings