X509 Authentication Element for Outbound Messages
Inclusion of this element causes the facility to include a WS-Security X.509 token reference in the message header (without using the token to sign any part of the message).
Token Reference Type
The token reference type attribute indicates how the signing certificate will be included in the header:
Reference Type | Item Included in Header |
Direct | The token itself, as a sequence of base-64-encoded bytes |
IssuerAndSerial | The token’s X.509 Issuer and Serial Number |
SubjectKeyIdentifier | The token’s X.509 Subject Key Identifier |
Thumbprint | The token’s thumbprint |
Example
<X509Authentication
TokenReferenceType="Thumbprint"/>
Include Certificate Path
This setting controls whether to send the signing certificate as a single certificate or as a certificate path (specified as “True” or “False”).
Default: The default value of “False” (meaning, send the signing certificate as a single certificate) applies only when the TokenReferenceType is set to “Direct.”
Example
<X509Authentication
TokenReferenceType="Direct"
IncludeCertPath="True"/>