Digital Signatures and Certificates
The TIBCO iProcess Web Services Plug-in supports the use of SOAP digital signatures and digital certificates that conform to the X.509 standard. Certificates are used to verify your identity by means of a trusted third party (for example, Verisign).The following diagram shows how certificates can be used:
The following figure shows how SOAP digital signatures using public/private key encryption work.
How to accomplish this with the TIBCO iProcess Web Services Plug-in
1. | Certificates - in a test environment, generate the certificate using your preferred tool. In a production environment, you should obtain a signed certificate from a trusted third party. Put the certificate in the SOAP/SSL Security keystore that you specified when you installed iProcess Web Services Plug-in. For more information see the TIBCO iProcess Web Services Server Plug-in Installation Guide and TIBCO iProcess Web Services Client Plug-in Installation Guide. |
Signatures - generate the signature using your preferred tool.
Note |
The Java Development Kit (JDK) provides a command line tool called keytool located in the |
2. | Specify the signature or certificate details in the Security Profile Administrator (see Setting Up and Managing Security Profiles). |