Before you begin
You must first create the Web service security configuration that is associated with a Web service before you can configure specific features.
See Create a Web service security configuration for details about creating a security configuration.
You must also have already obtained a private key and X.509 certificate pair and added it to an existing keystore in WebLogic Server. You will specify the name and password of the keystore, as well as the name and password of the key pair, in the following procedure. For details, see Obtaining Private Keys, Digital Certificates, and Trusted Certificate Authorities.
The core security realm of WebLogic Server includes a default keystore configured with a key and certificate pair, which message-level secured Web services can use to encrypt and digitally sign SOAP message. This is useful when developing and testing your application. However, when you move your application to production, it is a good practice to use different key and certificate pairs for different tasks. The following procedure shows how to specify that the WebLogic Web services runtime use a specific key and certificate pair (different from the default) to digitally sign SOAP messages.
Web services programmers associate a Web service security
configuration using the
value attribute specifies the
associated configuration name. If the programmer does not specify
value attribute, the Web service is associated
with the default security configuration:
After you finish
You must redeploy any Web service which is associated with this security configuration for the security changes to take effect.