header
header
Main Menu
Home
Eviware Store
Downloads
Products
News
Forum
Eviware Blog
Search
FAQs
Customer Area
Support
Documentation
Tutorials
CookBook
Downloads
Forum
Login Form
Welcome, Guest. Please login or register.
December 01, 2008, 06:44:19 pm
Username: Password:
Login with username, password and session length

Forgot your password?
 
How to get SSL client certificates to work with soapUI
Welcome, Guest. Please login or register.
December 01, 2008, 06:44:19 pm
Home Help Search Login Register
News: The Forums are up! Welcome to eviware.

+  Eviware Forum
|-+  soapUI
| |-+  soapUI
| | |-+  How to get SSL client certificates to work with soapUI		 « previous next »
Pages: [1] Print
Author Topic: How to get SSL client certificates to work with soapUI  (Read 1371 times)
Daniel Twum
Newbie
*
Posts: 3
« on: July 16, 2007, 10:12:38 pm »
I have been searching the forums on how to get SSL client certs to work with soapUI. I have specified the keystore and password but it does not look like soapUI is presenting the client certificate during SSL negotiations.

Is this a supported feature? If it is, can you specify the steps to follow to get this feature working?

Thanks,
--Daniel
Logged
omatzura
Administrator
Hero Member
*****
Posts: 1,466
« Reply #1 on: July 16, 2007, 10:35:22 pm »
Hi Daniel,

this is how it is supposed to work.. which soapUI version are you using?

You can also try your certificate by specifying it directly in the keystore setting (ie specify the certificate file instead of the keystore)..

Please try 1.7.5 beta2 which has updated SSL support.. also please note if you are getting any errors in the log when specifying the certificate..

regards!

/Ole
eviware.com
Logged
Daniel Twum
Newbie
*
Posts: 3
« Reply #2 on: July 23, 2007, 09:33:15 pm »
Hi Ole,

I am using soapui v 1.7.

I noticed that when I display the contents of my keystore file,
it shows mykey as a trustedCertEntry - I had read somewhere
that mykey needs to be a keyEntry and gave a command using
openssl on how to convert the crt cert file into a .cer or .der that
soapui will use.

Any more info on this?

thanks,
--Daniel


C:\MNG\certificates>keytool -list
Enter keystore password:  fidelity

Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry

mykey, Jul 23, 2007, trustedCertEntry,
Certificate fingerprint (MD5): 8A:FA:C1:0D:D0:D2:6E:11:DB:91:0B:4C:8C:BD:44:91[/color]
Logged
omatzura
Administrator
Hero Member
*****
Posts: 1,466
« Reply #3 on: July 23, 2007, 09:39:35 pm »
Hi Daniel,

thanks for your feedback.. Would it be possible for you to try this with the beta2 version of soapUI 1.7.5 which has an updated ssl-library for reading and negotiating keys.. (and we could continue our error-search from there if it doesn't work)..  let me know!

kind regards,

/Ole
eviware.com
Logged
Daniel Twum
Newbie
*
Posts: 3
« Reply #4 on: July 23, 2007, 10:09:27 pm »
Hi Ole,

I have installed soapUI 1.7.5 Pro beta and the same issue occurs.
I had listed the contents of the .keystore file in the prior posting.

It seems soapUI has a problem reading the keystore with the error:

2007-07-23 17:06:09,955 INFO  [HttpClientSupport$Helper] Updating keyStore..
2007-07-23 17:06:09,971 ERROR [HttpClientSupport$Helper] Failed to load KeyMaterial [C:\Documents and Settings\A416304\.keystore] org.apache.commons.ssl.ProbablyBadPasswordException: Probably bad JKS password: java.io.IOException: Keystore was tampered with, or password was incorrect
2007-07-23 17:06:09,971 INFO  [HttpClientSupport$Helper] Updating keyStore..
2007-07-23 17:06:09,971 ERROR [HttpClientSupport$Helper] Failed to load KeyMaterial [C:\Documents and Settings\A416304\.keystore] java.security.KeyStoreException: No private keys found in keystore!
Logged
omatzura
Administrator
Hero Member
*****
Posts: 1,466
« Reply #5 on: July 23, 2007, 11:42:19 pm »
Hi Daniel,

thanks.. we'll look into this and I'll get back to you..

one question: can you mail me the keystore for debugging? (ole@eviware.com) .. of course it's perfectly understandable if you cant :-)

regards!

/Ole
eviware.com
Logged
ven
Newbie
*
Posts: 2
« Reply #6 on: August 27, 2007, 03:48:21 pm »
Hi Daniel ,

I am also facing the same issue ,whenever i import the keystore soap ui says no private key found.

Just wondering if u happen to have a solution for this .

Hey Ole,

Can u pls let me know if there is any way out .

thanks
Logged
omatzura
Administrator
Hero Member
*****
Posts: 1,466
« Reply #7 on: August 27, 2007, 05:25:50 pm »
Hi!

you need to import both the certificate and the private key into your keystore, which isn't as easy as it sounds ;-) Fortunately, there is help at hand at http://www.agentbob.info/agentbob/79.html (credit to Daniel who found this link..)

Hope this helps!

regards,

/Ole
eviware.com
Logged
Pages: [1] Print 
« previous next »
Jump to:  


Login with username, password and session length

Powered by MySQL Powered by PHP Powered by SMF 1.1.2 | SMF © 2006-2007, Simple Machines LLC Valid XHTML 1.0! Valid CSS!
header header
header
header