Hello, for making a web service call over SSL we have added the server's public key into our SOAP client's truststore--evidently necessary for verifying the signature of the service response and also encrypting what is sent to the web service provider. It works so far as-is. But I was wondering--is it a cleaner/safer design, or actually not called for due to security issues, to actually import and trust the entire certificate chain, up to the root certificate, into the SOAP client's truststore? I'm using a Java jks keystore, by the way.
Thanks, Glen -- View this message in context: http://www.nabble.com/Trusting-entire-certificate-chain--tp23873642p23873642.html Sent from the Axis - User mailing list archive at Nabble.com.
