Since I don’t have required experience and knowledge for this thread, I will very appreciate if you could provide for me any suggestions or instructions.
I will start with details about technical environment:
- webMethods Integration 7.1.3 version (we are planning to make migration till newer version of IS)
- Java Version is 1.5.0
- OS is Windows Server 2008 R2
The customer has created an SOAP WebService provider available in public WAN, and we got an request to create workflow (including SOAP WebService consumer) which will consume customer WS operations. Since this workflow contains sensitive data, customer is focused on security and had requested an CSR file from us.
The transport protocol going to be HTTPS, with two-side authentication, so the client expects a server certificate to check. Afterwards the public key will be placed under the message and is checked at customer side, to validate it’s sender (our workflow)
Hence the questions:
- is there ready solutions (out the box) to create server certificate and basing on that, create expected CSR file (certificate signing request)
- The customer certificate could be downloaded and added to Trust Store, but how about our server certificate? Does it need to configure as WSS Handler in SOAP WS Consumer Descriptor?