Greetings,
In the Ready-API / SoapUI-NG-Pro tool there is a setting under "Interla Browser" option to "Trust Self Signed Certificate".
Is there such a "trust certificate" setting in the Open Source version of SoapUI ? I cannot find any setting for Internal Browser on SoapUI-v5.2.1 Thanks. CFR
Hi,
If you mean in terms of trusting server certificates then SoapUI is overridden to trust all certificates, I don't think there is a way to toggle this.
If you need more details let me know,
Regards,
Rupert
The behavior I am seeing is different, specifically, the Open Source SoapUI is NOT trusting self signed certificates, this is apparent when trying to perform Oauth 2.0 authentication.
I encountered the same problem in the Pro Ready-API, but solved it there by changing the Internal Browser setting to trust self signed certificates.
In the Open Source Version, the SoapUI Internal Browser is not trusting the certificates and the internal browser is not able to open the authentication page.
Thanks,
CFR.
Hi CFR,
OK, no problem. My remark was regarding consuming a web service over HTTPS. In this case there is a custom SSLSocketFactory (SoapUISSLSocketFactory) that has been written to override the checkServerTrusted methods to do nothing. You can check this in the Git repository for the open source version:
// trust everyone!
X509TrustManager tm = new X509TrustManager() {
@Override
public X509Certificate[] getAcceptedIssuers() {
return null;
}
@Override
public void checkClientTrusted(X509Certificate[] certs, String authType) {
}
@Override
public void checkServerTrusted(X509Certificate[] certs, String authType) {
}
};
But this does not sound related to the browser part of the OAuth authentication functionality.
Thanks,
Rupert
