To use asymmetric binding to... | Certificates and Keys Required |
Sign outbound messages | The sender of the outbound message requires a private key, which it uses to sign the message. The private key must correspond to the public key that the partner will use to verify the signature. |
Verify signed inbound messages | The receiver of the inbound message requires a public key to verify the signature. The public key must correspond to the private key that the partner used to sign outbound messages. Additionally, if the signing certificate will be validated to ensure that it is signed by a truststore, a web service needs access to the certificate file containing the trusted root of the signing CA (truststore). |
Encrypt outbound messages | The sender of the outbound message requires the partner’s certificate with the public key, which it uses to encrypt the message. |
Decrypt inbound messages | The receiver of the inbound message requires a private key to decrypt the message. The private key must correspond to the public key that the partner used to encrypt the outbound message. |