To use symmetric binding to... | Certificates and Keys Required |
Sign outbound messages | For an outbound request message, the consumer requires a symmetric key to sign the message. The consumer generates the symmetric key. The consumer requires the partner’s certificate to encrypt the symmetric key, which it places in the security header of the outbound request message. For an outbound response message, the provider requires a symmetric key to sign the message. The provider uses the encrypted symmetric key that the consumer passed in the security header of the inbound request message. To decrypt the symmetric key, the provider uses its own private key. |
Verify signed inbound messages | For an inbound response message, the consumer requires a symmetric key to verify the message signature. It uses the symmetric key it generated for the outbound request message. For an inbound request message, the provider requires a symmetric key to verify the message signature. The provider uses the encrypted symmetric key in the security header of the inbound request message. To decrypt the symmetric key, the provider uses its own private key. |
Encrypt outbound messages | For an outbound request message, the consumer requires a symmetric key to encrypt the message. The consumer generates the symmetric key. The consumer requires the partner’s certificate to encrypt the symmetric key, which it places in the security header of the outbound request message. For an outbound response message, the provider requires a symmetric key to encrypt the message. The provider uses the encrypted symmetric key that the consumer passed in the security header of the inbound request message. To decrypt the symmetric key, the provider uses its own private key. |
Decrypt inbound messages | For an inbound response message, the consumer requires a symmetric key to decrypt the message. It uses the symmetric key it generated for the outbound request message. For an inbound request message, the provider requires a symmetric key to decrypt the message. The provider uses the encrypted symmetric key in the security header of the inbound request message. To decrypt the symmetric key, the provider uses its own private key. |