SoapUI WS-Security header

We are trying to duplicate in openssl the WS-Security header that SoapUI generates. Right now we are unable to get the same signature.

When I apply the 'Outgoing WSS' I can see the digest value that SoapUI created as well as the signature.

Step 1: I tried to duplicate the digest value in openssl using the command (openssl dgst -binary -sha1 <file> | openssl enc -base64). My input file contains only the 'body' portion of the request which is what SoapUI is digesting. The only way I am able to get a match on the digest value is to remove all leading white space in SoapUI, generate the header, then take that request, canonicalize it in a java program I wrote and use that in openssl dgst command.

Step 2: I am stuck on the 'signedinfo' portion now. This needs to be canonicalized (C14N exl), digested and signed. Using the same method that I used to get the body digest is not working.

Can someone explain how SoapUI generates this header? We have to duplicate this behavior in a Nonstop server and all we have is openssl.

What library is SoapUI using to do the digital signature?

Forum Discussion

SoapUI WS-Security header

Related Content

Simple ws-security encryption service with soapui

[Resolved] WS Security, SoapUI

ws security header not populated

Disabling WS-Security Header

.NET 2.0 Artifacts don't include SoapUI Project WS-Security Configurations

Recent Discussions

What is purpose if inspector pane in SoapUI?

How do I change password and Username on every call in a Test Case in SoapUI?

Content-Length calculation wrong when posting UTF-8 content

Error exception in phase 'semantic analysis' with java 21

Generate positive long integer?