NonStop SOAP User's Manual
NonStop SOAP with Digital Signatures
NonStop SOAP User’s Manual—520501-012
7-12
NonStop SOAP Header for Digital Signature
•
Under SCENARIO 2, the client may send both the subject name and its X509
certificate. For this, a child element X509Data is defined under KeyInfo. The
structure of the KeyInfo element with its child elements is as follows.
<ds:X509Data>
Requirement Category: OPTIONAL
This element contains the information of the client’s certificate. Child elements
X509SubjectName and X509Certificate contain the DN values and X509
certificate of the client. This enhancement supports the X509 version 3
certificates only. The keys used to generate the certificate requests must be
RSA keys. NSSOAP requests containing references to any certificate other
than X509 version 3 certificates are considered invalid.
<ds:X509SubjectName>
Requirement Category: OPTIONAL
X509SubjectName is the child element to X509Data and contains the
canonical form of the DN attributes of the certificate used for authentication.
<ds:X509Certificate>
Requirement Category: OPTIONAL
X509Certificate is also a child element of X509Data and contains the
certificate itself used for authentication.
•
Under SCENARIO 3, the client may wish to send only the certificate used for
authentication. The structure of the KeyInfo element with its child elements.
•
Under SCENARIO 4, the client may wish to send only the Subject Name of the
certificate associated with the client.