This page provides a reference listing of the files related to implementing SOAP security using the Secure Sockets Layer (SSL) protocol.
SOAP Security related files
This table provides a quick reference for SOAP security topics.Note: All path listings are relative to the installation directory, /QIBM/UserData/WebASE/ASE5/instance_name, where instance_name is the root directory of your instance of WebSphere Application Server - Express.
| Path | Contents | Description |
|---|---|---|
| /installedApps/soapsamples.ear/soapsec.war | Web-INF, conf, key, log, etc. | Home of the soap security servlets |
| /installedApps/soapsamples.ear/soapsec.war/WEB-INF | web.xml | Modified servlet configuration file for digital signature |
| /installedApps/soapsamples.ear/soapsec.war/conf | .config files | Configuration files for envelope editors and signature components |
| /installedApps/soapsamples.ear/soapsec.war/key | SOAPclient, SOAPserver | Keystore files |
| /installedApps/soapsamples.ear/soapsec.war/logs | Log files | Logs generated during security exchange |
| /installedApps/soapsamples.ear/ServerSamplesCode/src/service_name | server side samples | Source for both the nonsecure and secure samples |
| /installedApps/soapsamples.ear/ClientCode/nt_bat | scripts to run client samples | Batch files for invoking the client side samples to interact with the server-side services |
| /installedApps/soapsamples.ear/ClientCode/unix_scripts | scripts to run client samples | Batch files for invoking the client side samples to interact with the server-side services |
| /installedApps/soapsamples.ear/ClientCode/data | data files used by samples | Windows NT systems only |
| /installedApps/soapsamples.ear/ClientCode/src | client side samples source | UNIX systems only |
| /lib | soap.jar, soap-sec.jar, ws-soap-ext.jar | Location of all SOAP related JAR files |
SOAP keystore files
SOAP certificates are stored in two keystore files, which are described in this table:
| File name | Store password | Description |
|---|---|---|
| SOAPserver | server | This keystore is used by a service provider. |
| SOAPclient | client | This keystore is used by a service requester. |
The certificates stored in both the SOAPserver and SOAPclient keystore files are described in this table:
| Alias | Issuer | Description |
|---|---|---|
| soapca | soapca itself | The certificate of the root Certificate Authority (CA) used for testing purposes |
| intca1 | soapca | The certificate of the CA to issue SSL related certificates |
| intca2 | soapca | The certificate of the CA to issue SOAP-DSIG-related certificates |
These two certificates are stored in the SOAPserver keystore:
| Alias | Issuer | Description |
|---|---|---|
| sslserver | intca1 | This is the certificate of the SSL server. This is also stored in the SOAPclient keystore as a trusted certificate. The PKCS12 file including the corresponding private key for this certificate is sslserver.p12. |
| soapprovider | intca2 | This certificate might be used by a service provider to digitally sign its response message. The key password is "server". |
These three certificates are stored in the SOAPclient keystore:
| Alias | Issuer | Description |
|---|---|---|
| sslclient | intca1 | This certificate might be used for the SSL client authentication. The key password is "client". |
| sslserver | intca1 | This is the certificate of the trusted SSL server and the same as the one stored in the SOAPserver keystore. The PKCS12 file, including the corresponding private key for this certificate, is sslserver.p12. |
| soaprequester | intca2 | This certificate might be used by a service requester to digitally sign its request message. The key password is "client". |