X.509 certificate token capabilities for encryption
For web services, you can complete encryption by using an X.509 certificate token.
X.509 certificate token encryption for providing message Confidentiality on outgoing SOAP messages from the integration node is supported in the following configurations:
Capability
- Encrypt (by using a partner public key)
Policy Enforcement Point (PEP) and direction
- Out (consumer)
- Out (provider)
Configured with a policy set and binding defining the message Confidentiality.
Trust Store or Policy Decision Point (PDP)
- Integration node Truststore; for more details, see Viewing and setting keystore and truststore runtime properties at integration node level.
Encryption is not supported with external PDPs such as TFIM or LDAP.