Help with WSA Security in SOAPUI Pro

Question

Hi Smartbear SupportI’m new to WSA security,I have set up my project with keystore and everything is working ok on outgoing security, but on incoming the packet never decrypts.I am getting an error  : org.apache.ws.security.WSSecurityException: The signature or decryption was invalid  There is very little configuration in the incoming security settings, I use the same keystore for incoming and outgoing.I’m not sure what the configuration should be for this?Can you help me?

mcotter · Answer

Bump...

mcotter · Answer

Any news on this question?Is this forum still a support forum? Even an acknowledgment would be nice.

smartbear_suppo · Answer

Hi!If you are using the same keystore in the incoming configuration to decrypt incoming messages, you have to make sure that it also contains the private key corresponding to the public key you used for decryption, if you are using asymmetric keys.Is this the case?-- RegardsErikSmartBear Sweden

mcotter · Answer

Thanks for the response.

Yes the same keystore is being used for incoming and outgoing encryption, I have imported the servers signed key into the cleints (soupUI) keystore, and the server has the clients signed key in its keystore. This is still causing issues for me.

Set up is like :

https://docs.jboss.org/author/display/JBWS/WS-Security

smartbear_suppo · Answer

Hi,hmm... well, it seems that for some reason soapUI isn't finding the correct client key to decrypt/verify the incoming message - can you attach screenshots of the incoming and outgoing WSS configurations that you are using? regards!/OleSmartBear Software

Forum Discussion

Help with WSA Security in SOAPUI Pro

8 Replies

Recent Discussions

Test result Pass when data source times out

Run Test Case properties not populating for Data Source based items

Save Groovy output to JUnit report

Related Content

SoapUI project keystore password security?

log4j security vulnerability

[Solved] SSL Handshake exception calling a secure webservice