Using X.509 Policy to secure Web Services

X.509 policy is an alternative to https (SSL) where the main purpose is to secure the SOAP message. It supports timestamp, signature, and encryption. It implements the concept of PKI (Public Key Infrastructure).

These instructions assume you are using Java with CXF. See information in http://cxf.apache.org/.