SSL Handshake Issue
SoapUI Noob here...
I'm a sys admin trying to set up our web & app servers for WSDL requests over SSL. The traffic will be intranet only and we're creating the CA and certs with openSSL. We're using SoapUI to spoof the process that will send the WSDL msgs. This is my first time using SoapUI and I was given the WSDL project by one of the developers. I have disabled port 80 on the web server (IBM IHS 7) so it's listening only on port 443. From a browser http session attempts are ignored. Https session attempts produce the familiar "un-trusted certificate" dialog. The same dialog is seen from SoapUI for a simple web test.
The issue is, I had expected to be required to pre-load a cert into SoapUI in order to have the web server process the WSDL POST msg over SSL. What I'm seeing however, is that SoapUI automatically accepts the cert from the server, the SSL session is established and the trans gets processed successfully. I don't think this is what will happen from the application that will generate the web service messages. How do I get SoapUI to not automatically accept un-trusted certs?
I'm a sys admin trying to set up our web & app servers for WSDL requests over SSL. The traffic will be intranet only and we're creating the CA and certs with openSSL. We're using SoapUI to spoof the process that will send the WSDL msgs. This is my first time using SoapUI and I was given the WSDL project by one of the developers. I have disabled port 80 on the web server (IBM IHS 7) so it's listening only on port 443. From a browser http session attempts are ignored. Https session attempts produce the familiar "un-trusted certificate" dialog. The same dialog is seen from SoapUI for a simple web test.
The issue is, I had expected to be required to pre-load a cert into SoapUI in order to have the web server process the WSDL POST msg over SSL. What I'm seeing however, is that SoapUI automatically accepts the cert from the server, the SSL session is established and the trans gets processed successfully. I don't think this is what will happen from the application that will generate the web service messages. How do I get SoapUI to not automatically accept un-trusted certs?
