When a SOAP service specifies its WSSE requirements, they are published in the WSDL, including the location and the passwords of the keystore and truststore files. These settings are usually specific to that SOAP server.
On the client side, according to the wiki, the location and the password of the keystore and truststore files are specified in via JVM system properties. However, the dynamic WS client is using the WS-Security settings from the WSDL file, ignoring the client side system properties.