The trust anchor stores the trusted root certificate authority (CA) certificates. The trust anchor is defined as javax.security.cert.TrustAnchor in Java CertPath API. The Java CertPath API uses the trust anchor and the certificate store to validate the incoming X.509 certificate that is embedded in the Simple Object Access Protocol (SOAP) message. For more information on the certificate store, see Collection certificate store.
The Web services security implementation in WebSphere Application Server - Express supports this trust anchor. In WebSphere Application Server - Express, the trust anchor is represented as a Java key store object. The type, path, and password of the key store are passed to the implementation through the Administration Console or by scripting.