Forum Discussion

cada0310's avatar
cada0310
New Contributor
11 years ago

Trying to get SoapUI work against WCF wsHttpBinding

I saw a post from a few years ago that said SoapUI won't work with wsHttpBinding unless we remove security elements, but we noticed that it will work when we use Transport security...

We have a self hosted service that uses wsHttpBinding but can be configured for either Transport or Message security. When configured for Transport security, SoapUI works just fine. When we configure for Message security, we get an InvalidSecurity error: "An error occurred when verifying security for the message".

Our service has a behavior that specifies a certificate as service credentials:

<serviceCredentials>
<serviceCertificate findValue="CN=SomeCertName" storeLocation="LocalMachine" storeName="My"/>
</serviceCredentials>

Our .NET clients get the cert in their endpoints in the app.config when we generate service references:

<identity>
<certificate encodedValue="somebigbase64value==" />
</identity>

When we import the wsdl with soapUI, we get all the methods and properties for the service calls, but we cant make a call without getting the error mentioned above.

One thing I suspect might be the problem is that our certificate that's being used was not issued by a CA and has no valid trust chain. To get around this with our clients, we have been adding a behavior to the client endpoints to ignore the certificate Validation:


<endpointBehaviors>
<behavior name="NoTrust">
<clientCredentials>
<serviceCertificate>
<authentication certificateValidationMode="None"/>
</serviceCertificate>
</clientCredentials>
</behavior>
</endpointBehaviors>

Our .NET clients manually add this behavior after the service reference has been created.

My questions are:

1) Some old posts I saw say that SoapUI does not support wsHttpBinding, is that still the case (even though we see that it works fine with Transport security)?
2) Is there a way to make SoapUI ignore the certificateValidation like we do with our .NET clients

Thanks for any help/insight you can provide.
  • SmartBear_Suppo's avatar
    SmartBear_Suppo
    SmartBear Alumni (Retired)
    Hi,

    Please see this post that summarizes what SoapUI will support out of the box in terms of wsHttpBinding protocols:
    http://forum.soapui.org/viewtopic.php?f=5&t=23699&p=54535#p54535
    What you could do is turn off the "client authentication" in File->Preferences->SSL Settings. Otherwise, configure your web service to respond to http requests rather than https.

    Regards,

    Giscard
    SmartBear Support
  • Shirate's avatar
    Shirate
    New Contributor

    Hi,

    I understood from your post that SoapUI will work with wsHttpBinding with Transport security.

    Can you please provide me an example for that?

     

    Another thing, I was trying to do the same as you posted with the


    <endpointBehaviors>
    <behavior name="NoTrust">
    <clientCredentials>
    <serviceCertificate>
    <authentication certificateValidationMode="None"/>
    </serviceCertificate>
    </clientCredentials>
    </behavior>
    </endpointBehaviors>

     

    And it still didn't work...

    So for the meantime nothing is working except mode="none"

    I would really appricate if you can please provide me examples for bothe cases!

     

    Thanks a lot!!!

    Shira