Configure XML encryption and decryption

XML encryption enables you to encrypt an XML element, the content of an XML element, or arbitrary data such as an XML document. For more information, see XML encryption.

Like XML digital signature, a message is sent by the client as the request sender to the server as the request receiver. The response is sent by the server as the response sender to the client as the request receiver. Unlike XML digital signature, which verifies the authenticity of the sender, XML encryption scrambles the message content using a key, which can be unscrambled by a receiver that possesses the same key. You can use XML encryption in conjunction with XML digital signature to scramble the content while verifying the authenticity of the message sender.

To configure your Web services to encrypt and decrypt request and responses, perform the following steps:

  1. Configure a key locator
    Key locators are used to find keys for digital signature and encryption. WebSphere Application Server - Express provides default key locators that you can use with your digital signature configuration, or you can develop your own.

  2. Configure the client for request encryption
    Configure your Web services client to encrypt its requests to the server.

  3. Configure the client for response decryption
    Configure your Web services client to decrypt responses that it receives from the server.

  4. Configure the server for request decryption
    Configure your Web service to decrypt requests from the client.

  5. Configure the server for response encryption
    Configure your Web service to encrypt its requests to the client.