WSS X.509 Token Profile

Use the X.509 framework for a WSS X.509 security profile.

An X.509 certificate is used to validate a public key that is used to sign the incoming SOAP message. It specifies a binding between a public key and a set of attributes that includes (at least) the following:
  • subject name
  • issuer name
  • serial number
  • validity interval

Use the X.509 authentication framework as defined by the Web Services Security: SOAP Message Security specification.

Upload the certificate and reference it in the X509 Certificate field. If this is a bound session, select the user to impersonate when the WS-Security authentication succeeds.

Figure 1. WSS X.509 Security Profile