Security Action | Options | Usage/Resolution Order |
Signature | 1. Message Addressing Endpoint Alias WS Security Properties/Keystore Alias WS Security Properties/Key Alias Note: Applies only in case of non-anonymous asynchronous response messages and if there is a message addressing endpoint alias associated with the response endpoint address. 2. Provider Endpoint Alias WS Security Properties/Keystore Alias WS Security Properties/Key Alias 3. Listener (Port) Settings Listener Specific Credentials/Keystore Alias Listener Specific Credentials/Key Alias 4. Server Settings Signing Key/Keystore Alias Signing Key/Key Alias 5. Server Settings SSL Key/Keystore Alias SSL Key/Key Alias | |
Include the certificate path | 1. Message Addressing Endpoint Alias Entire certificate chain associated with the specified Key Alias is used Note: Applies only in case of non-anonymous asynchronous response messages and if there is a message addressing endpoint alias associated with the response endpoint address. 2. Provider Endpoint Alias Entire certificate chain associated with the specified Key Alias is used 3. Listener (Port) Settings Entire certificate chain associated with the specified Key Alias is used 4. Server Settings Entire certificate chain associated with the Key Alias specified for Signing is used 5. Server Settings Entire certificate chain associated with the Key Alias specified for SSL is used | |
Do not include the certificate path | 1. Message Addressing Endpoint Alias Only the server's certificate (first certificate in the chain) associated with the specified Key Alias is used Note: Applies only in case of non-anonymous asynchronous response messages and if there is a message addressing endpoint alias associated with the response endpoint address. 2. Provider Endpoint Alias Only the server’s certificate (first certificate in the chain) associated with the specified Key Alias is used 3. Listener (Port) Settings Only the server’s certificate (first certificate in the chain) associated with the specified Key Alias is used 4. Server Settings Only the server’s certificate (first certificate in the chain) associated with the Key Alias specified for Signing is used 5. Server Settings Only server’s certificate (1st certificate in chain) associated with the Key Alias specified for SSL is used | |
Encryption | 1. Message Addressing Endpoint Alias WS Security Properties/Partner’s Certificate Note: Applies only in case of non-anonymous asynchronous response messages and if there is a message addressing endpoint alias associated with the response endpoint address. 2. WS Security Header Public key included in the request header 3. Certificate Mapping Public key (certificate) associated with resolved user and Usage (in the order specified below) for one of: Encrypt VerifyAndEncrypt SSL | |
X.509 Authentication Note: Applies only in case of non-anonymous asynchronous response messages and if there is a message addressing endpoint alias associated with the response endpoint address. | 1. Message Addressing Endpoint Alias WS Security Properties/Keystore Alias WS Security Properties/Key Alias 2. Endpoint Alias WS Security Properties/Keystore Alias WS Security Properties/Key Alias 3. Server Settings Signing Key/Keystore Alias Signing Key/Key Alias 4. Server Settings SSL Key/Keystore Alias SSL Key/Key Alias | |
Include the certificate path | 1. Message Addressing Endpoint Alias Entire certificate chain associated with the specified Key Alias is used 2. Provider Endpoint Alias Entire certificate chain associated with the specified Key Alias is used 3. Server Settings Entire certificate chain associated with the Key Alias specified for Signing is use 4. Server Settings Entire certificate chain associated with the Key Alias specified for SSL is used | |
Do not include the certificate path | 1. Message Addressing Endpoint Alias Only the server’s certificate (first certificate in the chain) with the specified Key Alias is used 2. Endpoint Alias Only the server’s certificate (first certificate in the chain) associated with the specified Key Alias is used 3. Server Settings Only the server’s certificate (first certificate in the chain) associated with the Key Alias specified for Signing is used 4. Server Settings Only the server’s certificate (first certificate in the chain) associated with the Key Alias specified for SSL is used |