Ask a Question
Log In / Sign Up
Choose a Product Community
AlertSite
AQTime Pro
BitBar
Collaborator
CrossBrowserTesting
Cucumber Open Source
CucumberStudio
LoadComplete
LoadNinja
QAComplete
ReadyAPI
SoapUI Open Source
Swagger Open Source
SwaggerHub
Swagger Inspector
TestComplete
TestLeft
Zephyr Scale
Zephyr Squad
Zephyr Enterprise
Resources
Ask a Question
Log In Sign Up

SSL Client: bad certificate

xinxinwang
Not applicable
‎07-28-2009 07:50 AM
‎07-28-2009 07:50 AM

SSL Client: bad certificate

I am using soapUI 3.0 on Winsows. I created a self-signed keystore for my JBoss 4.2.3 GA server. I configured both server and the soapUI to enable Client Authentication using the keystore I created. However, when I send a SOAP message to the server, I got this exception on the soapUI:

    Tue Jul 28 10:14:16 EDT 2009:ERROR:javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

There is no any error or output on the server side.

I used the following command to create my keystore:
     
            keytool -genkey -alias tomcat -keyalg RSA

And configure the server using:


maxThreads="150" scheme="https" secure="true" clientAuth="true" address="${jboss.bind.address}"
keystoreFile=" ${jboss.server.home.dir}/conf/ast.keystore" keystorePass="jasypt_ast"
sslProtocol="TLS">



Thanks for any help.
0 Kudos
2 REPLIES 2
genroxbro
New Contributor
‎07-29-2009 10:44 AM
‎07-29-2009 10:44 AM

Ive set up SSL using the self-signed certificate, and everything works great. However, Id like to know if its possible to use a commercial SSL certificate, like youd get from Verisign or Thawte.

My certificate is in the format of a password-protected PFX file. I also have a key file and a certificate file that Apache uses which are not password protected. I tried exporting a PEM file from the PFX file using OpenSSL, but I get a "server is no longer accepting secure connections" message when trying to connect.

Any help whatsoever is greatly appreciated
_____________________________________
Website I designed for canadian online payday loan company.
0 Kudos
ccarr
Not applicable
‎08-11-2009 01:05 PM
‎08-11-2009 01:05 PM

@xin

I had the same problem.  I found this site to be very helpful to properly setup the *2* keystores that are needed:
    http://stackoverflow.com/questions/1180 ... ertificate

Between that help, and configuring soapUI at both the project level and the global SSL settings, it works for me now.
0 Kudos
Subscribe
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: