I've secured a service using Rampart, and now I'm considering how to implement the certificate issuance portion.
To get the service running, I followed Ruchith Fernando's tutorial: http://wso2.org/library/174 Is it necessary to modify the service's keystore to add new client certificates? Is it possible to store the service's copy of the client's public keys in a database or in separate files in the filesystem? Why does my password callback class need to supply the client's certificate password? It's just supposed to be the client's public key, right? So, why the password? Thanks, Nate Roe
