Register
SmartBear Support Resources
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

[Solved] SSL Handshake exception calling a secure webservice

SOLVED
Solved
Start a topic
Highlighted
devnull
New Contributor
‎06-17-2015 08:04 AM
‎06-17-2015 08:04 AM

[Solved] SSL Handshake exception calling a secure webservice

Hello,

I'm trying to use Soap UI to connect to a secure SOAP web service, for which there should be a registered certificate.

 

The wsdl address is: https://129.152.40.43/AIOSCInt-OSC-Account-outbound-test-root/E1AccountServicePort?WSDL

(it is also accessible on the same url using http instead of https, for the moment)

 

In our internal dns the server is registered with a name which match the SSL certificate CN name, so when I open the wsdl in a browser I don't get any ssl error. Eg when I open it with Chrome I get the "green lock":

https_integration.png

So, given this, I guess the SSL certificates are set correctly in the server.

 

But when I try to import the WSDL in Soap UI 5.1.3, I get the error:

Error loading [https://domain_name/AIOSCInt-OSC-Account-outbound-test-root/E1AccountServicePort?WSDL]: java.lang.Exception: Failed to load url; https://domain_name/AIOSCInt-OSC-Account-outbound-test-root/E1AccountServicePort?WSDL, 0

In the soapui_errors.log file there is this:

2015-06-17 16:55:23,934 ERROR [errorlog] com.eviware.soapui.impl.support.definition.support.InvalidDefinitionException
com.eviware.soapui.impl.support.definition.support.InvalidDefinitionException
 at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlLoader.makeInvalidDefinitionException(WsdlLoader.java:119)
 at com.eviware.soapui.impl.wsdl.support.wsdl.WsdlLoader.loadXmlObject(WsdlLoader.java:112)
 at com.eviware.soapui.impl.wsdl.support.xsd.SchemaUtils.getDefinitionParts(SchemaUtils.java:488)
 at com.eviware.soapui.impl.wsdl.support.xsd.SchemaUtils.getDefinitionParts(SchemaUtils.java:477)
 at com.eviware.soapui.impl.support.definition.support.AbstractDefinitionCache.update(AbstractDefinitionCache.java:94)
 at com.eviware.soapui.impl.support.definition.support.AbstractDefinitionContext$Loader.construct(AbstractDefinitionContext.java:209)
 at com.eviware.soapui.support.swing.SwingWorkerDelegator.construct(SwingWorkerDelegator.java:46)
 at com.eviware.soapui.support.swing.SwingWorker$2.run(SwingWorker.java:131)
 at java.lang.Thread.run(Unknown Source)

I also tried to import the wsdl using the non-secure link (same addres but over http instead of https), and then change the http to https when launching the call, but I get this ssl exception:

2015-06-17 15:27:49,104 ERROR [WsdlSubmit] Exception in request: javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
2015-06-17 15:27:49,105 ERROR [errorlog] javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
	at sun.security.ssl.Alerts.getSSLException(Unknown Source)
	at sun.security.ssl.Alerts.getSSLException(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source)
	at sun.security.ssl.AppOutputStream.write(Unknown Source)
	at org.apache.http.impl.io.AbstractSessionOutputBuffer.flushBuffer(AbstractSessionOutputBuffer.java:131)
	at org.apache.http.impl.io.AbstractSessionOutputBuffer.write(AbstractSessionOutputBuffer.java:151)
	at org.apache.http.impl.conn.LoggingSessionOutputBuffer.write(LoggingSessionOutputBuffer.java:74)
	at org.apache.http.impl.io.ContentLengthOutputStream.write(ContentLengthOutputStream.java:114)
	at org.apache.http.impl.io.ContentLengthOutputStream.write(ContentLengthOutputStream.java:120)
	at org.apache.http.entity.ByteArrayEntity.writeTo(ByteArrayEntity.java:68)
	at org.apache.http.entity.HttpEntityWrapper.writeTo(HttpEntityWrapper.java:96)
	at org.apache.http.impl.client.EntityEnclosingRequestWrapper$EntityWrapper.writeTo(EntityEnclosingRequestWrapper.java:108)
	at org.apache.http.impl.entity.EntitySerializer.serialize(EntitySerializer.java:120)
	at org.apache.http.impl.AbstractHttpClientConnection.sendRequestEntity(AbstractHttpClientConnection.java:263)
	at org.apache.http.impl.conn.AbstractClientConnAdapter.sendRequestEntity(AbstractClientConnAdapter.java:227)
	at org.apache.http.protocol.HttpRequestExecutor.doSendRequest(HttpRequestExecutor.java:255)
	at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$SoapUIHttpRequestExecutor.doSendRequest(HttpClientSupport.java:119)
	at org.apache.http.protocol.HttpRequestExecutor.execute(HttpRequestExecutor.java:123)
	at org.apache.http.impl.client.DefaultRequestDirector.tryExecute(DefaultRequestDirector.java:633)
	at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:454)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754)
	at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:233)
	at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:323)
	at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.submitRequest(HttpClientRequestTransport.java:290)
	at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:220)
	at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:119)
	at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
	at java.util.concurrent.FutureTask.run(Unknown Source)
	at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
	at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
	at java.lang.Thread.run(Unknown Source)

So I guess this is a ssl configuration issue.

Can anyone help me to discover if it is a Soap UI problem, or the server ssl configuration is missing something?

0 Kudos
Reply
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
devnull
New Contributor
‎08-11-2015 05:16 AM
‎08-11-2015 05:16 AM

Re: SSL Handshake exception calling a secure webservice

The issue has been solved.

The server was accepting only TLS 1.2, while Soap UI was using TLS 1.0.

View solution in original post

Reply
9 REPLIES 9
Highlighted
devnull
New Contributor
‎08-11-2015 05:16 AM
‎08-11-2015 05:16 AM

Re: SSL Handshake exception calling a secure webservice

The issue has been solved.

The server was accepting only TLS 1.2, while Soap UI was using TLS 1.0.

View solution in original post

Reply
Highlighted
gungwald
New Contributor
‎06-23-2016 06:58 AM
‎06-23-2016 06:58 AM

Re: SSL Handshake exception calling a secure webservice

I can't find a way to tell soapUI to use TLS 1.2. So how do you actually fix the problem?

0 Kudos
Reply
Highlighted
devnull
New Contributor
‎06-23-2016 07:09 AM
‎06-23-2016 07:09 AM

Re: SSL Handshake exception calling a secure webservice

Indeed the solution was to set the application server to accept also connections using TLS 1.0, so I passed this parameter at the application server startup:

-Dweblogic.security.SSL.minimumProtocolVersion=TLSv1.0

(so the solution was solved on the other side, not on Soap UI)

Regards,

 

Edit: in my case the application to which I was talking, was deployed on a Weblogic server on which I had the possibility to change the startup System properties.

0 Kudos
Reply
Highlighted
nmrao
Community Hero
Community Hero
‎06-23-2016 12:34 PM
‎06-23-2016 12:34 PM

Re: SSL Handshake exception calling a secure webservice

Of course, you can also set in the soapui to use different version, just a java system property.
Add this to java_opts of soapui.bat file
-Dsoapui.https.protocols=SSLv3,TLSv1.2

See this thread here
https://community.smartbear.com/t5/SoapUI-Open-Source/How-to-enable-TLS-1-2-in-SoapUI/td-p/96239


Regards,
Rao.
Reply
Highlighted
timmoroz
Occasional Visitor
‎08-23-2017 08:19 AM
‎08-23-2017 08:19 AM

Re: SSL Handshake exception calling a secure webservice

@nmrao

THANK YOU !

I've been struggling with this issue for 3 days now and was already going to surrender and then I saw you miraculous answer 🙂

 

0 Kudos
Reply
Highlighted
nmrao
Community Hero
Community Hero
‎08-24-2017 01:01 AM
‎08-24-2017 01:01 AM

Re: SSL Handshake exception calling a secure webservice

Glad that you trace the right thread. Good to know.


Regards,
Rao.
0 Kudos
Reply
Highlighted
kironponnath
Occasional Visitor
‎01-03-2018 08:45 AM
‎01-03-2018 08:45 AM

Re: [Solved] SSL Handshake exception calling a secure webservice

I was also getting a similar error:
javax.net.ssl.SSLHandShakeException:Recieved fatal alert: handshake_failure

This can be for different reasons too. For me, the issue was fixed after updating the Ciphers.java (http://www.oracle.com/technetwork/java/javase/downloads/jce8-download-2133166.html) 

Basically, I had to replace two .jar files and restart the application.


C:\Program Files\SmartBear\ReadyAPI-2.2.0\jre\lib\security
 >> local_policy.jar 
>> US_export_policy.jar

 

We had some changes to cypher and this issue could have been avoided if SmartBear can provide the latest JCE with updates to ReadyAPI. 

0 Kudos
Reply
Highlighted
avidCoder
Super Contributor
‎02-05-2018 04:53 AM
‎02-05-2018 04:53 AM

Re: SSL Handshake exception calling a secure webservice

Hey, I also tried to set the things.. :-

 

This is how it looks like after the changes.. Could you please see and check what other changes is required?

 

@echo off

set SOAPUI_HOME=%~dp0
if exist "%SOAPUI_HOME%..\jre\bin" goto SET_BUNDLED_JAVA

if exist "%JAVA_HOME%" goto SET_SYSTEM_JAVA

echo JAVA_HOME is not set, unexpected results may occur.
echo Set JAVA_HOME to the directory of your local JDK to avoid this message.
goto SET_SYSTEM_JAVA

:SET_BUNDLED_JAVA
set JAVA=%SOAPUI_HOME%..\jre\bin\java
goto END_SETTING_JAVA

:SET_SYSTEM_JAVA
set JAVA=java

:END_SETTING_JAVA

rem init classpath
set OLDDIR=%CD%
cd /d %SOAPUI_HOME%

set CLASSPATH=%SOAPUI_HOME%soapui-5.4.0.jar;%SOAPUI_HOME%..\lib\*
"%JAVA%" -cp "%CLASSPATH%" com.eviware.soapui.tools.JfxrtLocator > %TEMP%\jfxrtpath
set /P JFXRTPATH= < %TEMP%\jfxrtpath
del %TEMP%\jfxrtpath
set CLASSPATH=%CLASSPATH%;%JFXRTPATH%

rem JVM parameters, modify as appropriate
set JAVA_OPTS=-Xms128m -Xmx1024m -XX:MinHeapFreeRatio=20 -XX:MaxHeapFreeRatio=40 -Dsoapui.https.protocols=SSLv3,TLSv1.2 -Dsoapui.properties=soapui.properties "-Dsoapui.home=%SOAPUI_HOME%\" -splash:SoapUI-Spashscreen.png

if "%SOAPUI_HOME%" == "" goto START
set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.ext.libraries="%SOAPUI_HOME%ext"
set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.ext.listeners="%SOAPUI_HOME%listeners"
set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.ext.actions="%SOAPUI_HOME%actions"
set JAVA_OPTS=%JAVA_OPTS% -Djava.library.path="%SOAPUI_HOME%\"
set JAVA_OPTS=%JAVA_OPTS% -Dwsi.dir="%SOAPUI_HOME%..\wsi-test-tools"
rem uncomment to disable browser component
rem set JAVA_OPTS=%JAVA_OPTS% -Dsoapui.browser.disabled="true"

:START

rem ********* run soapui ***********

"%JAVA%" %JAVA_OPTS% com.eviware.soapui.SoapUI %*
cd /d %OLDDIR%

0 Kudos
Reply
Highlighted
白夜有点黑
Contributor
‎05-20-2019 08:09 PM
‎05-20-2019 08:09 PM

Re: SSL Handshake exception calling a secure webservice

In my case, looks this change need to be done with both soapui-pro.bat and SoapUI-Pro-5.1.2.vmoptions file, otherwise, it will not work

 

-Dsoapui.https.protocols=SSLv3,TLSv1.2

0 Kudos
Reply
New Here?
Join us and watch the welcome video:
Top Kudoed Authors
View All
Interests
Getting Started
Community Lounge
Community News
Hall of Fame
Industry Interviews
Product News