Use this page to determine the location of the certificate revocation
list (CRL) known to the application server. The Application Server checks
the CRL to determine the validity of the client certificate. A certificate
that is found in a certificate revocation list might not be expired, but is
no longer trusted by the certificate authority (CA) that issued the certificate.
The CA might add the certificate to the certificate revocation list if it
believes that the client authority is compromised.
View the administrative console panel for the collection
certificate store on the cell level.
- Click Security > JAX-WS and JAX-RPC security runtime.
- Under additional properties, click Collection certificate store.
- Click the name of a configured collection certificate store or create
a new collection certificate store first.
- Under Additional properties, click Certificate revocation list.
View the administrative console panel for the collection certificate store
on the server level.
- Click server_name.
- Under Security, click JAX-WS and JAX-RPC security runtime.
混合版本環境: In a mixed node cell with a server using Websphere Application
Server version 6.1 or earlier, click
Web services: Default bindings
for Web services security.
mixv
- Under Additional properties, click Collection certificate store.
- Click the name of a configured collection certificate store or create
a new collection certificate store first.
- Under Additional properties, click Certificate revocation list.
![[只限第 6 版]](v6plusapp.gif)
View the administrative console page for the collection
certificate store on the application level.
- Click application_name.
- Under Modules, click Manage modules > URI_name.
- Under Web Services Security Properties, you can access collection certificate
stores for the following bindings:
- For the Request generator, click Web services: Client security bindings.
Under Request generator (sender) binding, click Edit custom > Collection
certificate store.
- For the Request consumer, click Web services: Server security bindings.
Under Request consumer (receiver) binding, click Edit custom > Collection
certificate store.
- For the Response generator, click Web services: Server security bindings.
Under Response generator (sender) binding, click Edit custom > Collection
certificate store.
- For the Response consumer, click Web services: Client security bindings.
Under Response consumer (receiver) binding, click Edit custom > Collection
certificate store.
- Click the name of a configured collection certificate store or create
a new collection certificate store first.
- Under Additional properties, click Certificate revocation list.
- Under Additional properties, you can access collection certificate stores
for the following bindings:
- For the Response receiver binding, click Web services: Client security
bindings. Under Response receiver binding, click Edit.
- Under Additional properties, click Collection certificate store > certificate_store_name.
- Under Additional properties, click X.509 certificates.
- Click New and specify the path to the certificate revocation list.
![[只限第 5 版]](v5app.gif)
Add a certificate revocation list for a version 5.
x application.
- Click Applications > Application Types > WebSphere enterprise
applications > application_name.
- Under Related items, click Manage modules > URI_name.