Gerard van der Maaden

Everything You Always Wanted to Know About Integration, BizTalk, .Net and more (But Were Afraid to Ask)
  Home  |   Contact  |   Syndication    |   Login
  2 Posts | 0 Stories | 18 Comments | 0 Trackbacks

News

Tag Cloud


Archives

How to configure SoapUI with client certificate authentication

SoapUI is one of the best free tools around to test web services. Some time ago I was trying to send a soap message towards a SSL web service that was set up for client certificate authentication. I pretty soon got stuck at the “javax.net.ssl.SSLException: HelloRequest followed by an unexpected handshake message” error, but after reading several posts on the internet I solved that issue. It’s not really that complicated after all, but since I could not find a decent place on the internet that explains this scenario in a proper way, here’s a list of steps that you need to do to make it work.

Note: this following steps are based on a Windows environment

 

Step one:

Export your certificate (the one that you want to use as the client certificate) using the export wizard with the private key and with all certificates in the certification path:

Picture_(Device_Independent_Bitmap)_1

Picture_(Device_Independent_Bitmap)_2

Give it a password (anything you want):

Picture_(Device_Independent_Bitmap)_3

And export it as a PFX file to a location somewhere on disk:

Picture_(Device_Independent_Bitmap)_4

Step two:

Install the newest version of SOAP UI (currently it is 3.6.1)

Open the file C:\Program Files\eviware\soapUI-3.6.1\bin\ soapUI-3.6.1.vmoptions and add this line at the bottom:

-Dsun.security.ssl.allowUnsafeRenegotiation=true

Picture_(Device_Independent_Bitmap)_5

This is needed because of a JAVA security feature in their newest frameworks (For further reading about this issue, read this: http://www.soapui.org/forum/viewtopic.php?t=4089 and this: http://java.sun.com/javase/javaseforbusiness/docs/TLSReadme.html).

 

Open SOAPUI and go to preferences>SSL Settings and configure your certificate in the keystore (use the same password as in step one):

Picture_(Device_Independent_Bitmap)_6

That should be it. Just create a new project and import the WSDL from the client authenticated SSL webservice:

Picture_(Device_Independent_Bitmap)_7

And now you should be able to send soap messages with client certificate authentication.

The above steps worked for me, but please drop a note if it does not work for you.

posted on Thursday, February 24, 2011 12:35 PM

Feedback

# re: How to Install Soap UI 5/25/2011 11:22 AM Shahrukh Ali Khan
i am new to testing and heard about this software a lot so thought of testing it by using it can you kindly tell how can i install it , because i have already downloaded it 3.6.1 version in zip format but i cant find any installer ? can you help please ?


# re: How to configure SoapUI with client certificate authentication 5/26/2011 11:16 AM Gerard van der Maaden
I suppose this should be the link: http://sourceforge.net/projects/soapui/files/
From there you can download the installer.

# re: How to configure SoapUI with client certificate authentication 7/8/2011 5:12 PM Brian
This worked for me. I was having the exact problem. Thanks a million!

# re: How to configure SoapUI with client certificate authentication 7/12/2011 12:17 PM Jaya
Even i have same problem. But thing is i dont know how to "Export your certificate" . Can you please let me how to use P12 key in your SOAP UI

# re: How to configure SoapUI with client certificate authentication 7/12/2011 7:57 PM Gerard van der Maaden
@Jaya: for any Windows based system I suppose you could do that via the Certificates snap-ip in MMC, or via Internet Explorer ("Internet Options", "Content" tab and then "Certificates" button). See http://www.tech-pro.net/export-to-pfx.html or http://www.pentaware.com/pw/how_to_export_a_pfx_file_from_your_browser.htm

# re: How to configure SoapUI with client certificate authentication 7/15/2011 5:38 AM Srinath
Hi,
Any inputs on how to configure the soap-ui to work in a 2 way authentication mode?

Thanks,
Srinath K

# re: How to configure SoapUI with client certificate authentication 7/16/2011 3:21 PM Gerard
@Srinath: Well, my post here above basically explains the client certificate part of the two way authentication mode.
For the server certificate part you really don't need to do much (provided that the server certificate is valid).
Are you facing a particular difficulty?

# re: How to configure SoapUI with client certificate authentication 7/20/2011 6:28 PM Elo
Hi,

Please my issue is with browser. I downloaded SoapUI 4 and hit a road block during recording the test script. The URL beings up the application but I get a warning from the application that it must be IE7 or higher. Locally I have IE8 installed on the machine and I cannot change the browser requirement for the Application Under Test.
Is there a way to update a settings in SoapUI to recognize or have it use same version on my local: IE8?

I hope my question makes sense. I am new to the tool/QA.

Thanks
Elo

# re: How to configure SoapUI with client certificate authentication 10/25/2011 7:54 PM Adil Tata
Hello and thank you for the client authentication tips. Worked for me and saved me some time.

regards,

Adil Tata

# re: How to configure SoapUI with client certificate authentication 11/29/2011 2:07 AM raju
It worked beautifully. Thanks for sharing.

# re: How to configure SoapUI with client certificate authentication 12/9/2011 10:35 PM santosh
hi
got the wsdl file and try to run the wsdl in soap ui and the response get the following error:
<faultString>Error authenticating</faultString>


# re: How to configure SoapUI with client certificate authentication 12/23/2011 3:33 AM Druv
Thankas Ton it worked for me but the only thing is after applying the SSL settings we had to close SOAP UI and reopen!!

# re: How to configure SoapUI with client certificate authentication 1/10/2012 7:19 AM Kabeer Khan
Can you plz tell me how should i configure my soap UI for server side authentication?? I am working on a project where we have web service hosts and that require server side authenticatin?

# re: How to configure SoapUI with client certificate authentication 1/12/2012 8:00 AM Kabeer
No, i want to authenticate my server? with server's certificate and its key...

# re: How to configure SoapUI with client certificate authentication 2/14/2012 9:31 AM Nagaveni G
Hi,

Thanks for the steps, i have done same configuration and when i sending a request from mock test, i get a response as socketexpection: socket closed.

I am using server and client in same soap ui project, the url i am using is https:\\localhost:8088 where i have configured the ssl to the port 8088

Please help.

# re: How to configure SoapUI with client certificate authentication 5/18/2012 9:20 AM Ozgur Akdemirci
I'm trying to test a wcf service with ssl + client certificate. But I can not export Private Key of the client certificate. Is there any other option you can suggest? Thanks

Post A Comment
Title:
Name:
Email:
Website:
Comment:
Verification: