About the Security Elements
Use the elements in the security folder to:
Control which client certificates are sent to other services.
Digitally sign data.
Process digital signatures.
Store and retrieve outbound passwords to access secure resources.
Manage
Integration Server keystores and truststores.
Secure XML documents.
The services
pub.security.keystore:setKeyAndChain,
pub.security:setKeyAndChainFromBytes, and
pub.security:clearKeyAndChain are used to control which client certificate the
webMethods Integration Server presents to remote servers. You need to use these services to switch between certificates and certificate chains if you are not using aliases for remote servers. For more information about aliases for remote servers, see
the section Setting Up a Remote Server Alias in the webMethods Integration Server Administrator’s Guide.The pub.security.outboundPasswords services support the use of encrypted outbound passwords to access secure resources. You may wish to have a flow service access a secure resource such as a remote Integration Server, proxy server, or database. The service would need to provide a valid password to access the resource. The pub.security.outboundPasswords services allow a flow service to store passwords in and retrieve passwords from the Integration Server's outbound password store. The outbound password store is an encrypted store of passwords managed by the Integration Server. For more information about the outbound password store, see the section Working with Outbound Password Settings in the webMethods Integration Server Administrator’s Guide .
The pub.security.keystore services allow you to configure Integration Server SSL through access to its keys and associated certificates. These keys and certificates are now stored securely in industry-standard keystore and truststore files. For more information about Integration Server keystores and truststores, see the section Keystores and Truststores in the webMethods Integration Server Administrator’s Guide .
The pub.security.xml services are based on the Apache Security APIs. These services support encryption and digital signing of outbound XML documents from Integration Server, and decryption and signature verification of inbound XML from partner applications. The services provide the most commonly-used XML security options, including:
Signing/encrypting the entire XML document or the content of specific nodes
Selection of the signing and encryption algorithms
Use of enveloping and enveloped signatures