Use this page to specify the name and the provider for a collection
certificate store. A collection certificate store is a collection of
non-root, certificate authority (CA) certificates and certificate revocation
lists (CRLs). This collection of CA certificates and CRLs is used to check
the signature of a digitally signed SOAP message.
To view the administrative console panel for the collection
certificate store on the cell level, complete the following steps:
- Click Security > JAX-WS and JAX-RPC security runtime.
- Under Additional properties, click Collection certificate store.
- Specify a new collection certificate store by clicking New or click
the collection certificate store name to modify its settings.
To view the administrative console panel for the collection certificate
store on the server level, complete the following steps:
- Click server_name.
- Under Security, click JAX-WS and JAX-RPC security runtime.
混合版本環境: In a mixed node cell with a server using Websphere Application
Server version 6.1 or earlier, click
Web services: Default bindings
for Web services security.
mixv
- Under Additional properties, click Collection certificate store.
- Specify a new collection certificate store by clicking New or by
clicking the collection certificate store name to modify its settings.
To view this administrative console page for the collection certificate
store on the application level, complete the following steps:
- Click application_name.
- Under Modules, click Manage modules > URI_name.
- Under Web Services Security Properties, you can access collection certificate
stores for the following bindings:
- For the Request generator, click Web services: Client security bindings.
Under Request generator (sender) binding, click Edit custom > Collection
certificate store.
- For the Request consumer, click Web services: Server security bindings.
Under Request consumer (receiver) binding, click Edit custom > Collection
certificate store.
- For the Response generator, click Web services: Server security bindings.
Under Response generator (sender) binding, click Edit custom > Collection
certificate store.
- For the Response consumer, click Web services: Client security bindings.
Under Response consumer (receiver) binding, click Edit custom > Collection
certificate store.
Under Additional properties, you can access collection
certificate stores for the following bindings:
- For the Request receiver binding click Edit > Collection
certificate store.
- For the Response receiver binding, click Edit > Collection
certificate store.
- Specify a new collection certificate store by clicking New or by
clicking the collection certificate store name to modify its settings.
After configuring a collection certificate store, you can select the new
configuration under Certificate store on the token generator and token consumer
panels. To access these panels, complete the following steps:
- Click Security > JAX-WS and JAX-RPC security
runtime.
- Under Default generator bindings, click Token generators or under
Default consumer bindings, click Token consumers.
- Click New to create a new token generator or token consumer, or
click the name of an existing configuration to make modifications.
After you configure your collection certificate store on this panel, you
must click
Apply before configuring either the certificate revocation
list or an X.509 certificate. The certificate revocation list configuration
is not available for version 5.
x applications through the administrative
console. After you configure your certificate revocation list or X.509 certificate,
complete the following steps:
- Click Save, at the top of the administrative console panel, which
returns you to the list of the configured collection certificate stores.
- Click Update runtime to update the Web services security run time
with the default binding information, which is found in the ws_security.xml file.