Security configuration for SOAP project using two way SSL with client certificate for auth

Question

Hello Community,&nbsp;I am struggling with configuration of my SOAP project to use client certificate in two way SSL encryption tunnel. I tryied both these guides:-&nbsp;https://www.soapui.org/docs/soapui-projects/ws-security/-&nbsp;https://www.soapui.org/docs/security-testing/ws-security-settings/&nbsp;&nbsp;But unfortunatelly I cannot connect to the server.&nbsp;When I use CURL with cert and key it is working like a charm:curl --request GET --url https://XXXX/service1\?WSDL --cert cert.pem&nbsp;--key key.pemORcurl --request POST --url https://XXXX/service1 --cert cert.pem&nbsp;--key key.pem --header 'Content-Type: text/xml' --verbose -d @request.xml&nbsp;However when I create JKS trustore with both of them and I add it to SoapUI, according those guides, I am getting unauthorized response all the time.&nbsp;&nbsp;I tried it on Windows10 and Ubuntu22.04 with SoapUI 5.7.1&nbsp;Could you please give me nudge or hint how should I configure the SoapUI project to authenticate using 2 way SSL?Thank you.

geckels1 · Answer

I am having the exact same problem and have followed the exact same steps except I used Python Zeep instead of curl where it worked. I also have a .pfx file and while I was able to successfully add that to the keystore, I could never successfully make the connection as I have a feeling the service wants a separate .crt and .key file.

opontes_udzs · Answer

This approach doesn't work for me. Maybe there is a problem with multiple aliases in jks or those aliases are encrypted or something else. But I don't even know how to debug it.&nbsp;

geckels1 · Answer

So I was able to finally connect. I don't know if this applies to you, but after adding the certificate to the KeyStore, I added the certificate to the `SSL Keystore` property as indicated in the screenshot where I have the cert blacked out and it worked.

geckels1 · Answer

Yeah I'm just using a PKCS12 cert and not a JKS. So I think that's where our problem is different. Sorry, wish I could help more.

opontes_udzs · Answer

After a longer time, I tried PKCS12 keystore generated with certificate and key that works for me with CURL, but it is still failing.&nbsp;

Forum Discussion

Security configuration for SOAP project using two way SSL with client certificate for auth

5 Replies

Recent Discussions

No Fluff Just Real Stuff - latest newsletter from the DevRel Team at SmartBear

Which current version of POI bin files is compatible with SOAP UI 5.5 free version ?

sonatype-2016-0133

Related Content

How to use relative path for keystore (WS-Security Configuration)

Problems with Security Certificates in different browsers.

MSTest Configuration