How do we enumerate the values avaialable in the soapui.https.ciphers JVM option?

Question

We are attempting to validate several TLS and SSLv3 cipher strings in SOAPUI v5.2.0. We have entered several values which are listed as valid on the OpenSSL support pages. When we attempt to send our messages in SOAPUI we recieve a message stating that the cipher is not valid.

*****************************************

05:42:02,543 ERROR [SoapUI] An error occurred [Unsupported ciphersuite TLS_ECDHE
_RSA_WITH_AES_128_GCM_SHA256], see error log for details
05:42:02,583 DEBUG [SoapUIMultiThreadedHttpConnectionManager$SoapUIDefaultClient
Connection] Connection shut down
05:42:02,586 ERROR [WsdlSubmit] Exception in request: java.lang.IllegalArgumentE
xception: Unsupported ciphersuite TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
05:42:02,587 ERROR [SoapUI] An error occurred [Unsupported ciphersuite TLS_ECDHE
_RSA_WITH_AES_128_GCM_SHA256], see error log for details
05:42:02,597 INFO [AbstractHttpRequestDesktopPanel] Error getting response for
[.SOAP12:INT.276RT]; java.lang.IllegalArgumentException: Unsupported ciphersuite
TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256

*****************************************

We have updated the JCE within the SOAPUI JRE to include the unlimited version of the JCE. We understand that the version of openSSL used by SOAPUI does in theory support the cipher string we are attempting to use.

Here is the white list of cipher strings we are attempting to validate. We know that the ECDHE-RSA-AES128-SHA string works, but it appears that the GCM and ECDSA versions do not. The same is true for the DHE and DSS.

ECDHE-RSA-AES128-GCM-SHA256
ECDHE-ECDSA-AES128-GCM-SHA256
ECDHE-RSA-AES256-GCM-SHA384
ECDHE-ECDSAAES256-GCM-SHA384
DHE-RSA-AES128-GCM-SHA256
DHE-DSS-AES128-GCM-SHA256
kEDH+AESGCM
ECDHE-RSA-AES128-SHA256
ECDHE-ECDSA-AES128-SHA256
ECDHE-RSA-AES128-SHA
ECDHE-ECDSA-AES128-SHA
ECDHE-RSA-AES256-SHA384
ECDHE-ECDSA-AES256-SHA384
ECDHE-RSA-AES256-SHA
ECDHE-ECDSA-AES256-SHA
DHE-RSA-AES128-SHA256
DHE-RSA-AES128-SHA
DHE-DSS-AES128-SHA256
DHE-RSA-AES256-SHA256
DHE-DSS-AES256-SHA
DHE-RSAAES256-SHA

Is there any way to extract a list of valid ciphers and/or the version of OpenSSL embedded in SOAPUI.

Any assistance would be greatly appreciated.

Russ

nmrao · Answer

Check what are the supported one at server side with your team/ application provider, it appears that what you received is from your application, not of soapui.

See if this oracle doc helps in any way
http://docs.oracle.com/javase/7/docs/technotes/guides/security/StandardNames.html

Forum Discussion

How do we enumerate the values avaialable in the soapui.https.ciphers JVM option?

1 Reply

Related Content

Enumerations

TestComplete Objects - Enumerate properties

Creating .Net enumerations from Test Complete?

Status Code for invalid enumeration value

Scala enumerations

Recent Discussions

clone TestSuite fails when there are more project with the same name

Will SOAP UI 5.6.1 work with JDK 8

SOAP Request works in SoapUI, but not in C# code

How to configure Swagger in Paas to use it in Oracle APEX instance.

log4j1.x vulnerability