I've been trying to get SoapUI 5.5. (OpenSource) to verify and reject my self-signed ssl server certificate for security reasons (self-signed, not trusted), just like other clients do. Where can I switch the behavior between test and live environment? I need the verification enabled. In my case soapui just accepts the connection and does not even notify about any security issues.
I have searched the database but didn't find much information.
Thanks in advance.
thanks for your response. Unfortunately the linked documentation does not address my issue and the answer does not help me any further.
I do need SoapUI to reject requests to untrusted, namely self-signed certificates on the server side. I do not get any warning.
thanks again, but the answer refers to AllertSite, which is not considered to be used during testphase of a developed microservice. I have tests defined in SoapUI, which must verify a given ssl-certificate. It is simply testable by using other tools, like curl, which rejects the request on default security level. But I have written my testcases in SoapUI and thought it would just have the abiltiy to verify untrusted ssl certificates.
thanks. Client Authentication with ssl certificate is not the usecase, ssl settings do not contain any setting as far as I can see.