X.509 certificate token capabilities for verifying
For web services, you can verify a signing by using an X.509 certificate token profile.
X.509 certificate token verification of the Integrity of a signed incoming SOAP message is supported in the following configurations:
Capability
- Verify signature (by using a partner public key)
Policy Enforcement Point (PEP) and direction
- In (provider)
- In (consumer)
Configured with a policy set and binding defining the message Integrity
Trust Store or Policy Decision Point (PDP)
- Integration node Trust store; for details, see Viewing and setting keystore and truststore runtime properties at integration node level.
Signature verification is not supported with an external PDP, such as TFIM or LDAP.