Hello,
I'm trying to use Soap UI to connect to a secure SOAP web service, for which there should be a registered certificate.
The wsdl address is: https://129.152.40.43/AIOSCInt-OSC-Account-outbound-test-root/E1AccountServicePort?WSDL
(it is also accessible on the same url using http instead of https, for the moment)
In our internal dns the server is registered with a name which match the SSL certificate CN name, so when I open the wsdl in a browser I don't get any ssl error. Eg when I open it with Chrome I get the "green lock":
So, given this, I guess the SSL certificates are set correctly in the server.
But when I try to import the WSDL in Soap UI 5.1.3, I get the error:
Error loading [https://domain_name/AIOSCInt-OSC-Account-outbound-test-root/E1AccountServicePort?WSDL]: java.lang.Exception: Failed to load url; https://domain_name/AIOSCInt-OSC-Account-outbound-test-root/E1AccountServicePort?WSDL, 0
In the soapui_errors.log file there is this:
2015-06-17 16:55:23,934 ERROR [errorlog] com.eviware.soapui.impl.support.definition.support.InvalidDefinitionException
com.eviware.soapui.impl.support.definition.support.InvalidDefinitionException
at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlLoader.makeInvalidDefinitionException(WsdlLoader.java:119)
at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlLoader.loadXmlObject(WsdlLoader.java:112)
at com.eviware.soapui.impl.wsdl.support.xsd.SchemaUtils.getDefinitionParts(SchemaUtils.java:488)
at com.eviware.soapui.impl.wsdl.support.xsd.SchemaUtils.getDefinitionParts(SchemaUtils.java:477)
at com.eviware.soapui.impl.support.definition.support.AbstractDefinitionCache.update(AbstractDefinitionCache.java:94)
at com.eviware.soapui.impl.support.definition.support.AbstractDefinitionContext$Loader.construct(AbstractDefinitionContext.java:209)
at com.eviware.soapui.support.swing.SwingWorkerDelegator.construct(SwingWorkerDelegator.java:46)
at com.eviware.soapui.support.swing.SwingWorker$2.run(SwingWorker.java:131)
at java.lang.Thread.run(Unknown Source)
I also tried to import the wsdl using the non-secure link (same addres but over http instead of https), and then change the http to https when launching the call, but I get this ssl exception:
2015-06-17 15:27:49,104 ERROR [WsdlSubmit] Exception in request: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure 2015-06-17 15:27:49,105 ERROR [errorlog] javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.Alerts.getSSLException(Unknown Source) at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source) at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) at sun.security.ssl.AppOutputStream.write(Unknown Source) at org.apache.http.impl.io.AbstractSessionOutputBuffer.flushBuffer(AbstractSessionOutputBuffer.java:131) at org.apache.http.impl.io.AbstractSessionOutputBuffer.write(AbstractSessionOutputBuffer.java:151) at org.apache.http.impl.conn.LoggingSessionOutputBuffer.write(LoggingSessionOutputBuffer.java:74) at org.apache.http.impl.io.ContentLengthOutputStream.write(ContentLengthOutputStream.java:114) at org.apache.http.impl.io.ContentLengthOutputStream.write(ContentLengthOutputStream.java:120) at org.apache.http.entity.ByteArrayEntity.writeTo(ByteArrayEntity.java:68) at org.apache.http.entity.HttpEntityWrapper.writeTo(HttpEntityWrapper.java:96) at org.apache.http.impl.client.EntityEnclosingRequestWrapper$EntityWrapper.writeTo(EntityEnclosingRequestWrapper.java:108) at org.apache.http.impl.entity.EntitySerializer.serialize(EntitySerializer.java:120) at org.apache.http.impl.AbstractHttpClientConnection.sendRequestEntity(AbstractHttpClientConnection.java:263) at org.apache.http.impl.conn.AbstractClientConnAdapter.sendRequestEntity(AbstractClientConnAdapter.java:227) at org.apache.http.protocol.HttpRequestExecutor.doSendRequest(HttpRequestExecutor.java:255) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$SoapUIHttpRequestExecutor.doSendRequest(HttpClientSupport.java:119) at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123) at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:633) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:454) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:233) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:323) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.submitRequest(HttpClientRequestTransport.java:290) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:220) at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:119) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)
So I guess this is a ssl configuration issue.
Can anyone help me to discover if it is a Soap UI problem, or the server ssl configuration is missing something?
Solved! Go to Solution.
The issue has been solved.
The server was accepting only TLS 1.2, while Soap UI was using TLS 1.0.
The issue has been solved.
The server was accepting only TLS 1.2, while Soap UI was using TLS 1.0.
I can't find a way to tell soapUI to use TLS 1.2. So how do you actually fix the problem?
Indeed the solution was to set the application server to accept also connections using TLS 1.0, so I passed this parameter at the application server startup:
-Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.0
(so the solution was solved on the other side, not on Soap UI)
Regards,
Edit: in my case the application to which I was talking, was deployed on a Weblogic server on which I had the possibility to change the startup System properties.
THANK YOU !
I've been struggling with this issue for 3 days now and was already going to surrender and then I saw you miraculous answer 🙂
I was also getting a similar error:
javax.net.ssl.SSLHandShakeException:Recieved fatal alert: handshake_failure
This can be for different reasons too. For me, the issue was fixed after updating the Ciphers.java (http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html)
Basically, I had to replace two .jar files and restart the application.
C:\Program Files\SmartBear\ReadyAPI-2.2.0\jre\lib\security
>> local_policy.jar
>> US_export_policy.jar
We had some changes to cypher and this issue could have been avoided if SmartBear can provide the latest JCE with updates to ReadyAPI.
Hey, I also tried to set the things.. :-
This is how it looks like after the changes.. Could you please see and check what other changes is required?
@echo off
set SOAPUI_HOME=%~dp0
if exist "%SOAPUI_HOME%..\jre\bin" goto SET_BUNDLED_JAVA
if exist "%JAVA_HOME%" goto SET_SYSTEM_JAVA
echo JAVA_HOME is not set, unexpected results may occur.
echo Set JAVA_HOME to the directory of your local JDK to avoid this message.
goto SET_SYSTEM_JAVA
:SET_BUNDLED_JAVA
set JAVA=%SOAPUI_HOME%..\jre\bin\java
goto END_SETTING_JAVA
:SET_SYSTEM_JAVA
set JAVA=java
:END_SETTING_JAVA
rem init classpath
set OLDDIR=%CD%
cd /d %SOAPUI_HOME%
set CLASSPATH=%SOAPUI_HOME%soapui-5.4.0.jar;%SOAPUI_HOME%..\lib\*
"%JAVA%" -cp "%CLASSPATH%" com.eviware.soapui.tools.JfxrtLocator > %TEMP%\jfxrtpath
set /P JFXRTPATH= < %TEMP%\jfxrtpath
del %TEMP%\jfxrtpath
set CLASSPATH=%CLASSPATH%;%JFXRTPATH%
rem JVM parameters, modify as appropriate
set JAVA_OPTS=-Xms128m -Xmx1024m -XX:MinHeapFreeRatio=20 -XX:MaxHeapFreeRatio=40 -Dsoapui.https.protocols=SSLv3,TLSv1.2 -Dsoapui.properties=soapui.properties "-Dsoapui.home=%SOAPUI_HOME%\" -splash:SoapUI-Spashscreen.png
if "%SOAPUI_HOME%" == "" goto START
set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.ext.libraries="%SOAPUI_HOME%ext"
set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.ext.listeners="%SOAPUI_HOME%listeners"
set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.ext.actions="%SOAPUI_HOME%actions"
set JAVA_OPTS=%JAVA_OPTS% -Djava.library.path="%SOAPUI_HOME%\"
set JAVA_OPTS=%JAVA_OPTS% -Dwsi.dir="%SOAPUI_HOME%..\wsi-test-tools"
rem uncomment to disable browser component
rem set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.browser.disabled="true"
:START
rem ********* run soapui ***********
"%JAVA%" %JAVA_OPTS% com.eviware.soapui.SoapUI %*
cd /d %OLDDIR%
In my case, looks this change need to be done with both soapui-pro.bat and SoapUI-Pro-5.1.2.vmoptions file, otherwise, it will not work
-Dsoapui.https.protocols=SSLv3,TLSv1.2
Subject | Author | Latest Post |
---|---|---|