Posted: 18 May 2015 7:34 EDT Last activity: 20 May 2015 11:28 EDT
Web Service Security profile, certificates and keystore not working
We have to connect to a external web service. We are given a certificates in crt format and a CA_Root.jks keystore. We converted the crt file into a jks file via Protacle tool. We the put the jks file in our pega application under a keystore rule. In the web service security profile instance (say iasa) we added the keystore in keystore tab. Then in the advanced tab of Connect-Soap rule we enabled web service security and mentioned the web service security instances name (i.e iasa). My question is what we will configure next. Does the service need to provide any other information? How we will fill the inflow and outflow tab?
You would configure the outflow tab if the SOAP message you are sending needs parts of the envelope to be encrypted or digitally signed. Likewise, you would configure the inflow tab if the SOAP response needs to be decrypted or have its signed parts validated. If you are sending the SOAP message over a secure channel (i.e.https) and are not using the certificates for anything related to WS-Security, you don't need to configure either the inflow or outflow tabs.