Forum Discussion

GRUWEZ's avatar
14 years ago

Does SoapUI also check chain of trust on incoming messages?

I have set up SoapUI to automatically sign my outgoing requests. This works fine. The server correctly validates the request and returns a signed response. SoapUI is able to validate the security on the response, but I am not sure if the chain of trust to a trusted root CA is also checked. The response contains the X509 certificate of the signer, but my local keystore does not contain the issuer of that certificate.

My questions:
1. Does SoapUI try to establish a chain of trust from the certificate found in the response and a trusted root CA?
2. If so, where does it locate this CA if it is not found in the supplied keystore?

Thanks for your input!
No RepliesBe the first to reply