Hi,when I connect to my web service (published on internet) passing through the company's HTTP Proxy, I always have the "Peer not authenticated" error.This error doesn't appear when I connect directly (no Proxy) via ADSL, without touching anything in my SoapUI 4.5.2 Preferences other then clearing the Proxy settings.Is there any other option I need to set for passing through the Proxy?Regards,Gerardo

Are you able to ping the server from your network when you see the error?

Yes, I can ping the server.The problem seems related to the SSL certificates verification phase:Mon Aug 19 12:27:13 CEST 2013:ERROR:javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:446) at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:499) at com.eviware.soapui.impl.wsdl.support.http.SoapUISSLSocketFactory.createLayeredSocket(SoapUISSLSocketFactory.java:268) at org.apache.http.impl.conn.DefaultClientConnectionOperator.updateSecureConnection(DefaultClientConnectionOperator.java:200)I also tried to import the server's certificate and put into a JKS truststore, configuring it in the "SSL Settings" page of the "Preferences", but with no success (same error)Regards

ok.Has check box check for Client Authentication (Preferences --> SSL Settings)? May I request you to give a try?

Folks,Any update/resolution to this problem. I'm also seeing it in my environment, with the following configuration:SoapUI version: 4.6.0Authorisation Type (set within the soap request configuration): Preemptive, with username and password setPreferences:Proxy host and port setHTTP settings: tried with "Authenticate Preemptively" set and unsetSSL Settings - tried with "Client Authentication - requires client authentication" set and unsetI don't have easy update of my desktop, so not so simple to roll back to an older version of SoapUI to get around this issue.Thanks,Danny.

Dear all,I am also experiencing this problem with SoapUI 4.6.1.Tue Nov 19 00:11:52 CET 2013:ERROR:javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) at org.apache.http.conn.ssl.SSLSocketFactory.createLayeredSocket(SSLSocketFactory.java:446) at org.apache.http.conn.ssl.SSLSocketFactory.createSocket(SSLSocketFactory.java:499) at com.eviware.soapui.impl.wsdl.support.http.SoapUISSLSocketFactory.createLayeredSocket(SoapUISSLSocketFactory.java:268) at org.apache.http.impl.conn.DefaultClientConnectionOperator.updateSecureConnection(DefaultClientConnectionOperator.java:200) at org.apache.http.impl.conn.AbstractPoolEntry.layerProtocol(AbstractPoolEntry.java:277) at org.apache.http.impl.conn.AbstractPooledConnAdapter.layerProtocol(AbstractPooledConnAdapter.java:142) at org.apache.http.impl.client.DefaultRequestDirector.establishRoute(DefaultRequestDirector.java:758) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:565) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:247) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:357) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.submitRequest(HttpClientRequestTransport.java:318) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:232) at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:123) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)Couldn't find any older SoapUI version back till 4.0.1 where proxy and HTTPS works together.A fix on this issue would be really appreciated.Thanks.

"Peer not authenticated" only when using HTTP Proxy

15 Replies

SmartBear_Suppo
SmartBear Alumni (Retired)
11 years ago
I believe this isn't a bug, but due to the fact that the proxy configuration confuses Apache HttpClient, the third party library used by SoapUI to send HTTP and HTTPS requests.

One user who had this problem managed to configure his way around it:

http://pentest-forum.com/index.php?topic=679.0

Kind regards,
Manne, SoapUI developer
vishnuudayan
11 years ago
I found some useful informations here:http://forum.soapui.org/viewtopic.php?f=13&t=14272&start=15#p40270
nschleut
11 years ago
I had exactly the same problem. Looks like the route-ca, that issued the server's ssl-certificate was not contained in the "cacerts" that comes with Soapui.
My solution was to import the server's ssl-certificate into cacerts like this:
1) open a http session to the server and download the certificate (eg cer - file)
2) switch to the jre\lib\security - path of soapuim, make a backup of cacerts.
3) Import the cer-File to the cacerts-File like this:
keytool -import -alias <alias> -file <cer> -keystore cacerts -storepass changeit
where <alias> is the hostname (suchandso.com) and
<cer> is the filepath to the cer-file.

I have no idea why this is only an issue when working with a proxy: I didn't have any problem while not working with a proxy.

Hope this is helpful to anyone..
bth: we have been using Soupui 4.6.4.
boschhi
Visitor
11 years ago
Came across the same problem with SoapUI 4.6.4, an https-JIRA 4.4.3 and a company proxy configured.
JIRA uses a CA-signed(!) certificate and if the signing certificate is not available in SoapUI's cacerts, it fails to login to JIRA.

Solution was:
- export the signing certificate from my Firefox certificate store into a file
- add the certificate to SoapUI's cacerts file with keytool -import -alias <alias> -file <cer> -keystore cacerts -storepass changeit

<alias> must be a unique name in the cacerts file (the keystore), but keytool warn you, if you try to overwrite. I chose the same name as my firefox displays it.
<cer> is the file where the export from Firefox has gone to.

SoapUI's cacerts file is in it installation path, on my Win7 machine in C:\Program Files\SoapUI-4.6.4\jre\lib\security

After having the certificate imported, I restarted SoapUI and then it was able to log me in to JIRA without any problems and with a proxy configured.
atul55
New Contributor
10 years ago
Solution suggested by nschleut of adding the certificate as trusted certificate in cacerts did work for me. Thanks nschleut.

Forum Discussion

"Peer not authenticated" only when using HTTP Proxy

15 Replies

Related Content

How to replace "bearer" in Bearer Authentication with "idtoken"

Optional Authentication or "Demo User"

OATH2 Authentication - can "get ID Token" be automated in testing?

"You need to authenticate to get the requested resource" useless error

"Wrong authentication credentials." error message due to an incorrect scheme of generating authToken

Recent Discussions

How do I prevent a file path from being altered when being parsed by JsonSlurper in Groovy Script?

Darshan Hiranandani : Exploring ReadyAPI Integration with Azure Git

How to hit update service multiple time with different data set.

Multipart requests getting blocked by the Azure WAF 200003

Parameterising JDBC Connection Settings..Can you do it?