Close this search box.

How to configure SoapUI with client certificate authentication

SoapUI is one of the best free tools around to test web services. Some time ago I was trying to send a soap message towards a SSL web service that was set up for client certificate authentication. I pretty soon got stuck at the “ HelloRequest followed by an unexpected handshake message” error, but after reading several posts on the internet I solved that issue. It’s not really that complicated after all, but since I could not find a decent place on the internet that explains this scenario in a proper way, here’s a list of steps that you need to do to make it work.

Note: this following steps are based on a Windows environment

Step one:

Export your certificate (the one that you want to use as the client certificate) using the export wizard with the private key and with all certificates in the certification path:

Give it a password (anything you want):

And export it as a PFX file to a location somewhere on disk:

Step two:

Install the newest version of SOAP UI (currently it is 3.6.1)

Open the file C:\Program Files\eviware\soapUI-3.6.1\bin\ soapUI-3.6.1.vmoptions and add this line at the bottom:

This is needed because of a JAVA security feature in their newest frameworks (For further reading about this issue, read this: and this:

Open SOAPUI and go to preferences>SSL Settings and configure your certificate in the keystore (use the same password as in step one):

That should be it. Just create a new project and import the WSDL from the client authenticated SSL webservice:

And now you should be able to send soap messages with client certificate authentication.

The above steps worked for me, but please drop a note if it does not work for you.

This article is part of the GWB Archives. Original Author: Gerard van der Maaden

Related Posts