The scenario of AsymmetricBinding X.509 + X.509 EndorsingSupportingToken is not really supported - as it just uses the same keystore for both. It tends not to arise in practice though - why would a client need to sign multiple message parts with different certificates?
For the Symmetric case it uses the signature keystore, as the main binding only uses the encryption keystore to encrypt the symmetric key to the recipient. Colm. On Tue, Nov 13, 2018 at 10:23 PM vlad.balan <vlad.ba...@gmail.com> wrote: > Hello > > and thanks for reading. > > I don't understand how to configure CXF to make it read the certificate > (Endorsing)SupportingToken from disk. > > The encryption properties file and signature properties file are for the > "primary" signature and encryption certificates, those specified through > the > symmetric/asymmetric binding. > > But how about the SupportingToken when you have both: symmetric/asymmetric > binding AND SupportingToken of type certificate? How do you specify the > SupportingToken to CXF? > > Thanks. > > > > -- > Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com