Trust anchor collection

Use this page to view a list of keystore objects that contain trusted root certificates. These objects are used for certificate path validation of incoming X.509-formatted security tokens. Keystore objects within trust anchors contain trusted root certificates that are used by the CertPath API to validate the trust of a certificate chain.

這個管理主控台畫面只適用於 Java™ API for XML 型 RPC (JAX-RPC) Web 服務。

[AIX Solaris HP-UX Linux Windows] [z/OS] To create the keystore file, use the key tool that is located in the install_dir\java\jre\bin\keytool directory.

[iSeries] To create the keystore file, use the keytool utility. The keytool utility is available using the QShell Interpreter.

To view this administrative console page for trust anchors on the cell level, complete the following steps:
  1. Click Security > JAX-WS and JAX-RPC security runtime.
  2. Under Additional properties, click Trust anchors.
To view this administrative console page for trust anchors on the server level, complete the following steps:
  1. Click Servers > Server Types > WebSphere application servers > server_name.
  2. Under Security, click JAX-WS and JAX-RPC security runtime.
    混合版本環境: In a mixed node cell with a server using Websphere Application Server version 6.1 or earlier, click Web services: Default bindings for Web services security.mixv
  3. Under Additional properties, click Trust anchors.
To view this administrative console page for trust anchors on the application level,
  1. Click Applications > Application Types > WebSphere enterprise applicationsapplication_name.
  2. Click Manage modules > URI_name.
  3. [只限第 6 版] Under Web Services Security Properties, you can access trust anchors information for the following bindings:
    • For the Response consumer (receiver) binding, click Web services: Client security bindings. Under Response consumer (receiver) binding, click Edit custom.
    • For the Request consumer (receiver) binding, click Web services: Server security bindings. Under Request consumer (receiver) binding, click Edit custom.
  4. [只限第 5 版] Under Additional properties, you can access the trust anchors information for the following bindings:
    • For the Response receiver binding, click Web services: Client security bindings. Under Response receiver binding, click Edit.
    • For the Request receiver binding, click Web services: Server security bindings. Under Request receiver binding, click Edit.
  5. Under Additional properties, click Trust anchors.
If you click Update runtime, the Web services security run time is updated with the default binding information, which is contained in the ws-security.xml file that was previously saved. If you make changes on this panel, you must complete the following steps:
  1. Save your changes by clicking Save at the top of the administrative console. When you click Save, you are returned to the administrative console home panel.
  2. Return to the Trust anchors collection panel and click Update runtime. When you click Update runtime, the configuration changes made to the other Web services also are updated in the Web services security run time.
Trust anchor name [只限第 5 版和第 6 版]

Specifies the unique name that is used to identify the trust anchor.

Key store path [只限第 5 版和第 6 版]

Specifies the location of the keystore file that contains the trust anchors.

Key store type [只限第 5 版和第 6 版]

Specifies the type of keystore file.

The value for this field is JKS, JCEKS, JCERACFKS (z/OS® only), JCE4758RACFKS (z/OS only), PKCS11KS (PKCS11), or PKCS12KS (PKCS12).




標示(線上)的鏈結表示需要存取網際網路。

Related tasks
Related reference
Trust anchor configuration settings


檔名: uwbs_trstanc.html