SOAP Sender adapter wsse-security

HI Experts,

I need clear explanation of one topic.

We have SAP PI scenario SOAP sender to RFC. It works fine and now I want to implement wss security standard.

I have selected message security in SOAP Adapter and specified in Integrated Configuration Object (ICO) security procedure for requested message decrypt and validate. I have generated key pair (private and certificae) in SAP Keystorage views (JAVA).

For Decryption (WS Request) I choose my private key.

But to verify signature what Issuer and subject do I need to select? Issuer and subject partner's private key? If we have a lot of consumers how I can select different Issuer and subject?

And how can I give public key to a partner for encryption? Because if I export only public certficate in base64 format partner in SOAPUI tool can't import certificate in keystore, he get error: Can't build keystore Private key missing.

I don't understand.

Or I need to generate only one pair and we will use same pair keys to encrypt/decrypt but I think it's not safe...