Use this page to view a list of keystore objects that contain trusted
root certificates. These objects are used for certificate path validation
of incoming X.509-formatted security tokens. Keystore objects within trust
anchors contain trusted root certificates that are used by the CertPath API
to validate the trust of a certificate chain.
This administrative console panel applies
only to Java API for XML-based RPC (JAX-RPC)
applications.
To create the keystore file, use the key tool that
is located in the install_dir\java\jre\bin\keytool directory.
To view this administrative console page for trust anchors on the server
level, complete the following steps:
- Click server_name.
- Under Security, click JAX-WS and JAX-RPC security runtime.
Mixed-version environment: In a mixed node cell with a server using Websphere Application
Server version 6.1 or earlier, click
Web services: Default bindings
for Web services security.
mixv
- Under Additional properties, click Trust anchors.
To view this administrative console page for trust anchors on the application
level,
- Click application_name.
- Click Manage modules > URI_name.
Under Web Services Security Properties, you can access
trust anchors information for the following bindings:
- For the Response consumer (receiver) binding, click Web services: Client
security bindings. Under Response consumer (receiver) binding, click Edit
custom.
- For the Request consumer (receiver) binding, click Web services: Server
security bindings. Under Request consumer (receiver) binding, click Edit
custom.
Under Additional properties, you can access the trust
anchors information for the following bindings:
- For the Response receiver binding, click Web services: Client security
bindings. Under Response receiver binding, click Edit.
- For the Request receiver binding, click Web services: Server security
bindings. Under Request receiver binding, click Edit.
- Under Additional properties, click Trust anchors.
If you click
Update runtime, the Web services security run time
is updated with the default binding information, which is contained in the
ws-security.xml file
that was previously saved. If you make changes on this panel, you must complete
the following steps:
- Save your changes by clicking Save at the top of the administrative
console. When you click Save, you are returned to the administrative
console home panel.
- Return to the Trust anchors collection panel and click Update runtime.
When you click Update runtime, the configuration changes made to the
other Web services also are updated in the Web services security run time.
Specifies the type of keystore file.
The value for this field is JKS, JCEKS, JCERACFKS (z/OS® only), JCE4758RACFKS (z/OS only), PKCS11KS
(PKCS11), or PKCS12KS (PKCS12).