3.6.1 Issues with Two-Way SSL
I'm seeing some issues with 3.6.1 and handling two-way ssl.
The set up is as follows. I have the server's CA placed in the SoapUI's java cacerts. I have a java keystore with my user cert (I noticed you cannot select a specific user, so only one user in the keystore.) The testing is with REST services. I have the keystore and password set up in global Properties and project Security Configurations under the Keystores/Certificates tab. I set the user in the endpoints of the WADL. I also added the java property -Dsun.security.ssl.allowUnsafeRenegotiation=true in the soapUI-Pro-3.6.1.vmoptions to avoid the unsafe renegotiations issue.
I call a REST service I know works, as I can manually navigate to it and use the same credentials to get a valid result. I also get a valid result in SoapUI, but I also get a pop up stating: Security Issue: Certificate errors: 1. The certificate authority is untrusted. You need to approve or reject loading of this page. Buttons: Approve, Reject.
The call has already gone through as I see the results behind the pop-up. Every time I run the REST service I get the pop-up.
Here is the interesting part. I have Soap 3.6 installed as well. It uses the same project with the same settings. The global and project properties are the same. I've made sure the cacerts in each install is the same. When I use Soap 3.6, there are no pop ups.
The only difference I see, besides the pop-ups, is in the HTML tab. On 3.6, the HTML tab does not load anything. In 3.6.1, the browser loads a Secure Connection Failed page with SERVERNAME uses an invalid security certificate. The certificate is only valid for SERVERNAME. It also notes I can make an exception in the advanced encryption settings, but I'm not sure which settings those are as I already have set up all the certs. (SERVERNAME replaces the actual server.)
Is this a bug in SoapUI 3.6.1 or am I missing something?
The set up is as follows. I have the server's CA placed in the SoapUI's java cacerts. I have a java keystore with my user cert (I noticed you cannot select a specific user, so only one user in the keystore.) The testing is with REST services. I have the keystore and password set up in global Properties and project Security Configurations under the Keystores/Certificates tab. I set the user in the endpoints of the WADL. I also added the java property -Dsun.security.ssl.allowUnsafeRenegotiation=true in the soapUI-Pro-3.6.1.vmoptions to avoid the unsafe renegotiations issue.
I call a REST service I know works, as I can manually navigate to it and use the same credentials to get a valid result. I also get a valid result in SoapUI, but I also get a pop up stating: Security Issue: Certificate errors: 1. The certificate authority is untrusted. You need to approve or reject loading of this page. Buttons: Approve, Reject.
The call has already gone through as I see the results behind the pop-up. Every time I run the REST service I get the pop-up.
Here is the interesting part. I have Soap 3.6 installed as well. It uses the same project with the same settings. The global and project properties are the same. I've made sure the cacerts in each install is the same. When I use Soap 3.6, there are no pop ups.
The only difference I see, besides the pop-ups, is in the HTML tab. On 3.6, the HTML tab does not load anything. In 3.6.1, the browser loads a Secure Connection Failed page with SERVERNAME uses an invalid security certificate. The certificate is only valid for SERVERNAME. It also notes I can make an exception in the advanced encryption settings, but I'm not sure which settings those are as I already have set up all the certs. (SERVERNAME replaces the actual server.)
Is this a bug in SoapUI 3.6.1 or am I missing something?
