Using Web Services in NIST 800-131a compliance mode

To accommodate for NIST 800-131a compliance, SHA256withRSA was added to the SigningAlgorithm list.

Web Services uses SOAOutboundSecurityService and SOAInboundSecurityService to sign, encrypt, decrypt, and verify signature over an HTTP or HTTPS. If you are using NIST 800-131a compliance when you configure these services over HTTP or HTTPS, only NIST 800-131a compliant certificates are available for selection.

If a non-NIST 800-131a compliant certificate, signature, or algorithm is used for SOAOutboundSecurityService or SOAInboundSecurityService, the business process fails, indicating in the status report that the Encryption certificate is not NIST compliant. If you receive an error, you must re-configure for NIST 800-131a compliance.

When indicating the KeyEncodingAlgorithm on the ResponseSecurityEncryption Settings page, use RSAOEP.