Integration Server 10.15 | Web Services Developer’s Guide

Web Service Consumer: Request (Outbound Security) Detailed Usage and Resolution Order
Keep the following information in mind when reviewing the table below:
* The table refers to keystore and key aliases for the Signing Key, the Decryption Key, and the SSL Key. You can configure these keystore and key aliases on the Security > Certificates page of the Integration Server Administrator.
* The usage order applies to all attributes of a policy assertion except where otherwise specified. If a policy assertion is not specified, then certificate and key resolution order is not applicable.

| Security Action | Options | Usage/Resolution Order |
| --- | --- | --- |
| UsernameToken | | 1. Passed In (Generated WSC): auth/message/user; auth/message/pass<br>2. Endpoint Alias: WS Security Properties/User Name; WS Security Properties/Password |
| Signature | | 1. Passed In (Generated WSC): auth/message/serverCerts/keyStoreAlias; auth/message/serverCerts/keyAlias<br>2. Endpoint Alias: WS Security Properties/Keystore Alias; WS Security Properties/Key Alias<br>3. Server Settings: Signing Key/Keystore Alias; Signing Key/Key Alias<br>4. Server Settings: SSL Key/Keystore Alias; SSL Key/Key Alias |
| Signature | Include the certificate path | 1. Passed In (Generated WSC): Entire certificate chain used with the specified value for auth/message/serverCerts/keyAlias<br>2. Endpoint Alias: Entire certificate chain associated with the specified Key Alias is used<br>3. Server Settings: Entire certificate chain associated with the Key Alias specified for Signing is used<br>4. Server Settings: Entire certificate chain associated with the Key Alias specified for SSL is used |
| Signature | Do not include the certificate path | 1. Passed In (Generated WSC): Only the server’s certificate (first certificate in the chain) with the specified value for auth/message/serverCerts/keyAlias is used<br>2. Endpoint Alias: Only the server’s certificate (first certificate in the chain) associated with the specified Key Alias is used<br>3. Server Settings: Only the server’s certificate (first certificate in the chain) associated with the Key Alias specified for Signing is used<br>4. Server Settings: Only the server’s certificate (first certificate in the chain) associated with the Key Alias specified for SSL is used |
| Encryption | | 1. Passed In (Generated WSC): auth/message/partnerCert<br>2. Endpoint Alias: WS Security Properties/Partner’s Certificate |
| X.509 Authentication | | 1. Passed In (Generated WSC): auth/message/serverCerts/keyStoreAlias; auth/message/serverCerts/keyAlias<br>2. Endpoint Alias: WS Security Properties/Keystore Alias; WS Security Properties/Key Alias<br>3. Server Settings: Signing Key/Keystore Alias; Signing Key/Key Alias<br>4. Server Settings: SSL Key/Keystore Alias; SSL Key/Key Alias |
| X.509 Authentication | Include the certificate path | 1. Passed In (Generated WSC): Entire certificate chain used with the specified value for auth/message/serverCerts/keyAlias<br>2. Endpoint Alias: Entire certificate chain associated with the specified Key Alias is used<br>3. Server Settings: Entire certificate chain associated with the Key Alias specified for Signing is used<br>4. Server Settings: Entire certificate chain associated with the Key Alias specified for SSL is used |
| X.509 Authentication | Do not include the certificate path | 1. Passed In (Generated WSC): Only the server’s certificate (first certificate in the chain) with the specified value for auth/message/serverCerts/keyAlias is used<br>2. Endpoint Alias: Only the server’s certificate (first certificate in the chain) associated with the specified Key Alias is used<br>3. Server Settings: Only the server’s certificate (first certificate in the chain) associated with the Key Alias specified for Signing is used<br>4. Server Settings: Only the server’s certificate (first certificate in the chain) associated with the Key Alias specified for SSL is used |
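
The resolution order listed above, modelled as an added Python example (not Integration Server code and not part of the product documentation), so that a given configuration can be checked for which level ends up supplying each credential. It assumes a level is used only when every field listed for it has a value; the flat settings dictionary keyed by the table's field names, the function names, and the sample values are constructed for illustration.

```python
# Added example: models the table's resolution order; not Integration Server code.
# Assumption: a level counts as configured only when every field it lists is set.
KEY_LEVELS = [
    ("Passed In (Generated WSC)", ("auth/message/serverCerts/keyStoreAlias",
                                   "auth/message/serverCerts/keyAlias")),
    ("Endpoint Alias", ("WS Security Properties/Keystore Alias", "WS Security Properties/Key Alias")),
    ("Server Settings: Signing Key", ("Signing Key/Keystore Alias", "Signing Key/Key Alias")),
    ("Server Settings: SSL Key", ("SSL Key/Keystore Alias", "SSL Key/Key Alias")),
]
RESOLUTION_ORDER = {
    "UsernameToken": [
        ("Passed In (Generated WSC)", ("auth/message/user", "auth/message/pass")),
        ("Endpoint Alias", ("WS Security Properties/User Name", "WS Security Properties/Password")),
    ],
    "Signature": KEY_LEVELS,
    "Encryption": [
        ("Passed In (Generated WSC)", ("auth/message/partnerCert",)),
        ("Endpoint Alias", ("WS Security Properties/Partner’s Certificate",)),
    ],
    "X.509 Authentication": KEY_LEVELS,
}

def resolve(action, settings):
    """Return (level, {field: value}) for the first fully configured level, else None."""
    for level, fields in RESOLUTION_ORDER[action]:
        values = {f: settings.get(f) for f in fields}
        if all(values.values()):
            return level, values
    return None  # nothing configured: the table lists no further fallback

def certificates_sent(chain, include_certificate_path):
    """Whole chain when the path is included, otherwise only the first certificate."""
    return list(chain) if include_certificate_path else list(chain[:1])

def report(settings):
    """Map each security action to the level that supplies its credentials."""
    hits = {a: resolve(a, settings) for a in RESOLUTION_ORDER}
    return {a: (h[0] if h else None) for a, h in hits.items()}

# Constructed sample: an endpoint-alias user, a half-set Signing Key, a full SSL Key.
SAMPLE = {
    "WS Security Properties/User Name": "svc_orders",
    "WS Security Properties/Password": "example-only",
    "Signing Key/Keystore Alias": "ks_example",  # key alias missing: level 3 skipped
    "SSL Key/Keystore Alias": "ks_example",
    "SSL Key/Key Alias": "tls_key",
}
if __name__ == "__main__":
    print(report(SAMPLE))
```

With the constructed sample, Signature and X.509 Authentication both resolve to the SSL Key at level 4, while Encryption resolves to nothing because the table gives it no Server Settings fallback.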