When applying to ws-security through cxf, I'm likely to use X.509 certificates in order to do the signature and encryption action.
I got some helps by this document: http://cxf.apache.org/docs/ws-security.html but I cannot fully understand the Using X.509 Certificates section. For not the development but the production environment, is it implemented if I decide to use an algorithm used in keystore and a certified company which certificates an signature(or manage to do it for myself). Then is it posslbie whatever the algorithm used in keystore is despite not certified? And without a keystore, would I am unable to implement ws-security in the ways that do the signature and encryption action? its so difficult for me to understand ws-security itself and hope to understand my incoherent question. regards, sic -- View this message in context: http://cxf.547215.n5.nabble.com/required-things-to-implement-ws-security-tp2402524p2402524.html Sent from the cxf-user mailing list archive at Nabble.com.
