Inbound or Inbound Fault Policy Type Fields
|
Supported Signature Methods
|
No
|
The algorithm used to check the signatures of incoming messages. You can select one or more of the following:
-
SHA1
-
SHA256
-
SHA384
-
SHA512
|
Supported Security Tokens
|
No
|
Is the security token to use for the signature. You can select one or more of the following:
-
X.509 Token
-
UsernameToken
|
Trusted Certificates Folder
|
No
|
Is the folder containing the trusted certificates for signature verification.
Note: The certificates in the trusted folder are only necessary when the authenticating user is the same as the user who signed the message. In this case, the message contains the public key, the receiver must verify against the trusted certificate. However, if the authenticating user is not the same as the user who signed the message, the user must define a subject key identity that holds the public key.
|
Subject Key Identity
|
No
|
Specifies an Identity resource containing a keystore that holds an X.509 certificate. The inbound message must match the subject key contained in the certificate.
|
Outbound or Outbound Fault Policy Type Fields
|
Signature Method
|
No
|
The algorithm used to create signatures for outgoing messages. You can select one of the following:
-
SHA1
-
SHA256
-
SHA384
-
SHA512
|
Security Token
|
No
|
Is the type of security token to use for the signature. You can select one of the following:
-
X.509 Token
-
UsernameToken
|
Username Password Identity
|
No
|
When UsernameToken is selected in the Security Token field, this shows the Identity resource that contains the username and password. for more information about Identity resources, see TIBCO Designer™ Palette Reference.
|
Password Type
|
No
|
Specify whether you want to use text or digest passwords.
|
X.509 Identity
|
No
|
When you select X.509 Token in the Security Token field, this field indicates the Identity resource containing the X.509 compliant identity file. For more information about Identity resources, see TIBCO Designer™ Palette Reference.
|
Key Identifier Type
|
No
|
When you select X.509 Token in the Security Token field, this field specifies all the references to X.509 token types for signing.
You can select one of the following:
-
Direct Reference
-
Subject Key Identifier
-
Issuer Serial
Note: If the Key Identifier Type selected is of type Subject Key Identifier, ensure that the X509 Certificate used contains the Subject Key Identifier information.
|
Certificate Alias
|
No
|
When the Identity resource specified in the X.509 Identity field is of type JKS or JCEKS, specify the certificate alias in this field to identify the private and public key pair.
|
Use Password for the Key
|
No
|
When the Identity resource specified in the X.509 Identity field is of type JKS or JCEKS, select the check box to configure a password for the private key.
Note: If the check box is not selected, the password has to be the same for the keystore and the private keys stored inside it.
|
Alias Password
|
No
|
This field is enabled when the Use Password for the Key check box is selected.
Specify a password for the private key.
|