Configuring HTTP outbound transport level security with the administrative console

You can configure HTTP outbound transport level security with the administrative console.

Before you begin

This task is one of several ways that you can configure the HTTP outbound transport level security for a web service acting as a client to another web service server. You can also configure the HTTP outbound transport level security with an assembly tool or by using the Java™ properties. If you do not configure the HTTP outbound transport level security, the web services runtime defers to the Web Services for Java Platform, Enterprise Edition (Java EE) security runtime in the WebSphere® product for an effective Secure Sockets Layer (SSL) configuration. If there is no SSL configuration with the Java EE security runtime in the WebSphere product, the Java Secure Socket Extension (JSSE) system properties are used.

About this task

If you choose to configure the HTTP outbound transport level security with the administrative console or an assembly tool, the Web Services Security binding information is modified. You can use the administrative console to configure the web services client security bindings if you have deployed or installed the web services application into WebSphere Application Server. If you have not installed the web services application, you can configure the HTTP SSL configuration with an assembly tool. This task assumes that you have deployed the web services application into the WebSphere product. See the deploying web services applications onto application servers information to learn more about deploying web services.

If you configure the HTTP outbound transport level security using the standard Java properties for JSSE, the properties are configured as system properties. The configuration specified in the binding takes precedence over the Java properties. However, the configurations that are specified by the Java EE security programming model, or that are associated the Dynamic selection, have higher precedence.

See the secure communications using Secure Sockets Layer information to learn more implementing transport level security.

Configure the HTTP outbound transport level security with the following steps provided in this task section.

Note: This administrative console procedure applies only to Java API for XML-based RPC (JAX-RPC) applications,

Procedure

  1. Open the administrative console.
  2. Click Applications > Enterprise Applications > application_instance > Manage Modules > module_instance . Under Web Services Security Properties, click Web Services: Client security bindings.
  3. Under the heading, HTTP SSL Configuration, click Edit to access the HTTP SSL configuration panel.
    Select the Centrally-managed radio button so that the system runtime chooses the SSL configuration that is based on the current context. Select the Specific to this Web service port radio button if you want to choose the SSL configuration in the HTTP SSL configuration drop down box.

Results

You have configured the HTTP outbound transport level security for a web service acting as a client to another web service with the administrative console.