Enabling hardware cryptographic devices for Web Services Security

You can enable Web Services Security by using cryptographic hardware devices for both web service clients and web service providers that are running in the WebSphere® Application Server environment. A cryptographic token is a hardware or software device with a built-in keystore implementation. Cryptographic devices are used to manage certificates stored on the cryptographic tokens. These devices are also called smartcards. You enable hardware cryptographic devices for Web Service Security by either using keys that are stored in hardware devices or by using keys stored in a Java™ keystore file.

About this task

Web Services Security using cryptographic hardware devices is supported for both web (JavaServer Pages (JSP) or servlet) and Enterprise JavaBeans (EJB) web service clients. You can enable Web Services Security by using cryptographic hardware devices for both web service clients and web service providers that are running in the WebSphere Application Server environment.

There are two ways to enable hardware cryptographic devices for Web Service Security: use keys that are stored in hardware devices or use keys stored in a Java keystore file.

Procedure

Determine whether to use keys that are stored in hardware devices or in a Java keystore file for the individual application.
Enable hardware cryptographic devices for Web Service Security by using one of the following two methods:
- Enable cryptographic operations on hardware devices. See Configuring hardware cryptographic devices for Web Services Security for more details.
- Enable cryptographic keys that are stored in hardware devices. See Enabling cryptographic keys stored in hardware devices in Web Services Security
Note: Hardware cryptographic devices for Web Services Security are not supported on the Java Platform, Enterprise Edition (Java EE) Application Client on distributed platform.