I think I would try to answer some of the questions you have asked For Symmetric binding you will need a external policy as shown below Also you will need to provide password to your jks having the certs to sign and encrypt via a Client Password Callback handler.
see attached policy as example http://cxf.547215.n5.nabble.com/file/n4557374/addr-external.xml addr-external.xml -- View this message in context: http://cxf.547215.n5.nabble.com/How-different-phase-and-interceptor-works-in-CXF-tp4554321p4557374.html Sent from the cxf-user mailing list archive at Nabble.com.
