ACC, Web Start and IIOP/SSL
The automatic Web Start availability of enterprise application clients is very convenient, but only if the client-server communication is encrypted (at least in our environment). I pieced together what I think needs to happen to encrypt client/server communication (add ior-security-config to sun-ejb-jar.xml; specify IIOP/SSL port in target-server in sun-acc.xml, and possibly add a client-credentials tag in sun-acc.xml; specify VMARGS for certs), however, significant parts of the process require modifying sun-acc.xml.
I am unsure how to specify values in the (apparently) auto-generated sun-acc.xml used by ACC apps deployed with Web Start. I initially tried modifying /config, but to no avail. The sun-acc.xml distributed via Web Start (found on my Windows machine in /Local Settings/Temp) bears no resemblance to the file I modified on the server.
Is there a way to control the sun-acc.xml for ACC applications deployed with Web Start? Or is there another/better way of setting up IIOP/SSL communication?