Configure the server-side collection certificate store using an assembly tool
A collection certificate store is a collection of non-root, certificate authority (CA) certificates and certificate revocation lists (CRLs). This collections of CA certificates and CRLs are used to check the signature of a digitally signed SOAP message. We can configure the server-side collection certificate store using an assembly tool.
- Start an assembly tool. For more information, see the related information on Assembly Tools.
- Switch to the Java EE perspective. Click Window > Open Perspective > J2EE.
- Click EJB projects > application_name > ejbModule > META-INF.
- Right-click the webservices.xml file, select Open with > Web Services Editor.
- Click the Binding configurations tab in the web services editor within the assembly tool. The Web Service Binding Configuration window is displayed.
- Select one of the web service description binding entries under the Port Component Binding section.
- Expand the Request receiver binding configuration details > Certificate store list > Collection certificate store section.
- Click Add to create a new collection certificate store, click Edit to edit an existing certificate store, or click Remove to delete an existing certification store.
- Enter a name in the Name field. This name is referenced in the Certificate store reference field in the Signing info dialog.
- Leave the Provider field as IBMCertPath.
- Click Add to enter the path to your certificate store. For example, the path might be: ${USER_INSTALL_ROOT]/etc/ws-security/samples/intca2.cer. If we have additional certificate store paths, click Add to add the paths.
- Click OK when you finish adding paths.
Related concepts
Development and assembly tools
Related tasks
Configure the client-side collection certificate store using an assembly tool Configure the client-side collection certificate store using the administrative console Configure default collection certificate stores at the server level in the WAS administrative console