Hi,
I'm going to quote from a couple of posts by Bryan Hogan, who worked on Web Services when the product was in-house at IBM. You can still find these posts on an old Yahoo newsgroup, but you may have to sign up to view them:
http://groups.yahoo.com/group/vastws/message/326.
"Below is information/instructions that describe how to use HTTPS (SSL) to
secure the VAST Insurance example.
1) Modify the implementation WSDL to specify an https URL as the service
endpoint. ie) <soap:address location=
"https://vasthost:63003/SstWSServlet"/>
When the service is deployed, the endpoint will automatically be created as
'https' listener. It may be necessary for you to customize the transport
configuration for the 'https' transport prior to deploying the service.
See the method SstHttpsCommunications>>#serverTransportConfiguration for
the default configuration. You will see that an SSL "security
configuration" is created, and the default configuration specifies a
certificate file name of 'cert.pem' and a key file name of 'key.pem'.
When clients try to connect to the 'https' endpoint, SSL will attempt to
authenticate using the specified certificate file. SSL errors will occur
if the certificate is not found. So, you can either create and register a
custom transport configuration, or copy your certificate file to the name
'cert.pem' in your image directory.
See the method SstHttpsCommunications>>#registerPluginConfigurations to see
how transport configurations can be registered.
That should be all there is to it. Now, you can deploy your hosted service
and clients can invoke the service over secure connections."
Another post by Bryan from the same thread:
"Use the #serverTransportConfiguration method strictly as a model for
constructing a custom transport configuration. The method gets invoked at
application load time to initialize a registry of transport
configurations. Therefore, the #serverTransportConfiguration will not be invoked during
normal web service message processing. Step through the code below to
see how configurations are registered.
SstHttpsCommunications halt registerPluginConfigurations
You can replace the 'https' and 'httpsl' transport configurations with
customized versions if desired. If you replace the transport
configurations, be sure that equivalent code is executed in a runtime
image to properly initialize the transport registry.
When building your reduced runtime image, be sure to include the
application SstWebServicesHttpsSupport."
I have successfully modified the Insurance Example and created an ssl socket using these instructions; however they do not specifically cover deploying only the client wsdl and connecting with a remote server via https. Perhaps the example will give you a starting point.
Diane