According to WSIT tutorial chapter 6 mutual certificate security, it demonstrates how to create a server side WSIT configuration file for mutual authentication.
It says make sure sc:KeyStore> is in the file. But why it does not have <sc:TrustStore> to authenticate the client?
This is an example I generated:
I am not sure what you are asking because in chapter 6 they explain how to secure the client and server, and this is the description of Mutual Certificates Security:
Mutual Certificates Security
The Mutual Certificates Security mechanism adds security via authentication and message protection that ensures integrity and confidentiality. When using mutual certificates, a keystore and truststore file must be configured for both the client and server sides of the application.
posted 5 years ago
Thanks for your reply.
When mutual authentication is used, the server should have a trust store to authenticate the client's certificate.
But in the previous example, after line 55, there is no <sc:trustStore>..... node on the server side's WSIT config file.
However in the client side's WSIT config file, there is a keyStore and trustStore like this as shown in chapter 6: