When using asymmetrical message signature and encryption, you can define the source of the certificate further which is used to encrypt the response message.
This option only exists for cases where the receiver of the message (that sends the response message) is an SAP system . If you have made the above security settings, it is a prerequisite that this attribute is only displayed in one of the following cases:
You are dealing with a sender channel (in this case the message receiver is the Integration Server - an SAP system)
You are dealing with a receiver channel and the receiver system is an SAP system.
Make the required settings (under Source of the Response Encryption Certificate).
You have the following options:
Use signature certificate of the inbound message
If you select this option, the signature certificate contained in the inbound message is used to encrypt the response message.
Recommendation
This option is generally recommended.
Manually select the source of the key
If you have selected this option then the Encryption Certificate in PSE WSSCRT field is displayed. Use the input help to select one of the available certificates.
When configuring a sender channel you can select from the certificates that were imported into the personal system security environment (PSE) WSSCRT PSE of the Integration Server system.
When configuring a receiver channel you can select from the certificates that were imported into the WSSCRT PSE of the receiver system.
Note
You can also find these certificates in the corresponding system if you call the Trust Manager (transaction STRUST) under PSE WSSCRT.
For more information, see: Trust Manager
For more information, see: WS Security XML Signature/Encryption