Forum Discussion
OK, it seems to have an issue with your client certificate:
'You need a client side certificate issued by MyFirm CA to access this site'
I take it you included this exact client certificate in the .jks keystore that you configured in the SoapUI Settings?
If not, I was expecting an error more like:
javax.net.ssl.SSLHandshakeException: Received fatal alert: certificate_unknown
you can take a look in the keystore with the following command:
keytool -list -v -keystore server.jks -storepass password
I also presume you loaded the client certificate into the browser? Otherwise that wouldnt be able to see the WSDL either.
Hi Rupert
i run the command "keytool -list -v -keystore server.jks -storepass password" and i see the right data.
i confirm that in the browser i installed the certificate .
Questions :
when i use .jks file, i need to follow which of two links:
1- https://www.soapui.org/soapui-projects/ws-security.html
1 or 2 or is the same ?
thanks
- rupert_anderson8 years agoValued Contributor
Hi,
Ok, thats sounds like things must be mostly on the right track.
The link https://www.soapui.org/soapui-projects/ws-security.html is for WSS security setup, which definitely different to the 2) like you followed - the link you followed looked right to me.
You can also add this java option to soapui
—Djavax.net.debug=ssl:handshake
to provide verbose SSL debugging, and also to your service if it is java.
I can only imagine something is wrong with that .jks... the error you're getting is not the usual bad certificate or hand shake exception, its quite specific saying that the certificate isn't signed by the write signer, not that it cannot be found.
When you added the keystore details in SoapUI settings you didn't see any error in the logs? Don't expect so, but just checking, easy to get the password wrong - which shows in the error log tab.
- patrik8 years agoOccasional Contributor
Hi
How can i do this ? :
—Djavax.net.debug=ssl:handshake
i checked when adding keysteore and no error i seen .. the olny thing is that also if i write a wrong password , i don't see any message ? is it correct ?
thanks
- rupert_anderson8 years agoValued Contributor
Hi,
In step 2 of that link you followed it explains how to add the -D parameters.
Yes, if the password is correct there is no error - you get something like 'keystore initialized'
Related Content
- 9 years agoesfomeado
- 3 years agoyaminySharma04
- 12 months agoSiKing
Recent Discussions
- 6 days agoemoya