Ask a Question
Log In / Sign Up
Resources
Ask a Question
Log In Sign Up

SSL Client: bad certificate

xinxinwang
Not applicable
‎07-28-2009 07:50 AM
‎07-28-2009 07:50 AM

SSL Client: bad certificate

I am using soapUI 3.0 on Winsows. I created a self-signed keystore for my JBoss 4.2.3 GA server. I configured both server and the soapUI to enable Client Authentication using the keystore I created. However, when I send a SOAP message to the server, I got this exception on the soapUI:

    Tue Jul 28 10:14:16 EDT 2009:ERROR:javax.net.ssl.SSLHandshakeException: Received fatal alert: bad_certificate

There is no any error or output on the server side.

I used the following command to create my keystore:
     
            keytool -genkey -alias tomcat -keyalg RSA

And configure the server using:


maxThreads="150" scheme="https" secure="true" clientAuth="true" address="${jboss.bind.address}"
keystoreFile=" ${jboss.server.home.dir}/conf/ast.keystore" keystorePass="jasypt_ast"
sslProtocol="TLS">



Thanks for any help.
0 Kudos
2 REPLIES 2
genroxbro
New Contributor
‎07-29-2009 10:44 AM
‎07-29-2009 10:44 AM

Ive set up SSL using the self-signed certificate, and everything works great. However, Id like to know if its possible to use a commercial SSL certificate, like youd get from Verisign or Thawte.

My certificate is in the format of a password-protected PFX file. I also have a key file and a certificate file that Apache uses which are not password protected. I tried exporting a PEM file from the PFX file using OpenSSL, but I get a "server is no longer accepting secure connections" message when trying to connect.

Any help whatsoever is greatly appreciated
_____________________________________
Website I designed for canadian online payday loan company.
0 Kudos
ccarr
Not applicable
‎08-11-2009 01:05 PM
‎08-11-2009 01:05 PM

@xin

I had the same problem.  I found this site to be very helpful to properly setup the *2* keystores that are needed:
    http://stackoverflow.com/questions/1180 ... ertificate

Between that help, and configuring soapUI at both the project level and the global SSL settings, it works for me now.
0 Kudos
Subscribe
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: