X.509 certificate token capabilities for encryption

For web services, you can complete encryption by using an X.509 certificate token.

X.509 certificate token encryption for providing message Confidentiality on outgoing SOAP messages from the integration node is supported in the following configurations:

Capability

Encrypt (by using a partner public key)

Policy Enforcement Point (PEP) and direction

Out (consumer)
- SOAPRequest node
- SOAPAsyncRequest node
Out (provider)
- SOAPReply node
Configured with a policy set and binding defining the message Confidentiality.

Trust Store or Policy Decision Point (PDP)

Integration node Truststore; for more details, see Viewing and setting keystore and truststore runtime properties at integration node level.

Encryption is not supported with external PDPs such as TFIM or LDAP.