Using Windows-MY Keystore for authentication with smartcard
We use SoapUI on windows to access a server via a SSL connection with client authentication. For that we have a soft token (a pkcs12 container) configured in the preferences. This works fine.
Now we need to replace the soft token by a hardware token (a smart card). Since it seems not possible to configure that in the preferences of SoapUI, I added the following java options in soapui.bat:
-Djavax.net.ssl.keyStore="NONE"
-Djavax.net.ssl.keyStoreType="Windows-MY"
-Djavax.net.ssl.trustStore="NONE"
-Djavax.net.ssl.trustStoreType="Windows-ROOT"
This does not work.
I added
-Djavax.net.debug="ssl:handshake,keymanager"
to increase logging output. This showed that the JVM does see the certificate on the smart card, so it does talk to the Windows-MY keystore. However, SoapUI does not answer the certificate request of the server correctly, it sends an empty certificate chain, although the certificate on the smart card comes from the same certificate authority than the certificate on the soft token. Moreover, access with the smart card works in any other appropriate environment.
Is it wrong using the Windows-MY keystore?
What can I do to get the authentication with smartcard working for SoapUI?