Forum Discussion

vemsm01's avatar
vemsm01
New Contributor
16 years ago

Client Cert with http request

Hi,

I would like to know if SOAPUI 3.5 pro supports sending client cert when the request is http request to a webserver which has SSL enabled and requires client cert. I am not posting a soap message. Request is not to a webservice it's a request to access JSP from websphere.

I created a keystore and added CAtrust and client cert to the key store and configured keystore to the soapui as mentioned in the website.
http://www.soapui.org/userguide/prefere ... L_Settings
But SOAPUI is not sending the client cert. Same certs if I add them to the browser, browser sends the CA trusted client cert to the server and works fine.

I went and looked in to the source code of SOAPUI seeing that SOAPUI extends EasySSLProtocolSocketFactory class but does not extends AuthSSLProtocolSocketFactory of the httpclient which is responsible for client cert authentication.

Please let me know if anybody have information on how to make SOAPUI work for sending client certs on https request.

Also I and 50 other people in my company have pro license. Just wondering is there any other best way to escalate this issue with SOAPUI.


Thanks
Smitha.
  • pvdev's avatar
    pvdev
    New Contributor
    16 years ago
    We had issues with certificates not being presented.  Initially both sides, client and server, used self-signed certs and everything was ok.  Once we introduced a CA root certificate on the server side and it started sending a list of CA certs in the SSL client-auth certificate request soapUI stop responding with it's certificate.

    We basically, created another client certificate on the test CA.  Added it to soapUI and setup that CA in the server's trust store and were back in business.

    Hope it helps...
  • vemsm01's avatar
    vemsm01
    New Contributor
    16 years ago
    Hi pvdev,

    interesting thing is if I import the same certs that I have in SOAPUI key store to my browser. I see browser sending the certs to the server. I think that indicates server has CA cert installed and configuration is fine. It's only with SOAPUI I am not seeing certs being sent. Couple other colleagues in my company are also facing similar issue.

    Could you please tell me which tool you used for creating keystore. I will give a try with that tool and see.

    thanks
  • pvdev's avatar
    pvdev
    New Contributor
    16 years ago
    Yes, it probably has something to do with the Java soapUI sits on.  Browser's have there own crypto engine and therefore the different response to the situation.

    I use a combination of java keytool and openssl.