rfransix
Occasional Contributor
Joined 14 years ago
User Profile
User Widgets
Contributions
Re: java keystore peer not authenticated
Help --> check for updates --> version check says "you are running the latest version of soapUI!" by the way, openssl s_client -connect <FQDN:443> returns no errors, connects fine, and shows the public key, closes fine too. want to see that output, just ask.1.6KViews0likes0Commentsjava keystore peer not authenticated
soapUI 4.0.2 SNAPSHOT, keystore built using openssl and keytool. When I submit a simply verifyUser request that is signed by the PrivateKeyEntry <Signature> in the keystore, this error results. Apache on the opposite end works fine using the server and authority cert (the authority cert is the only other cert in the keystore). What's the problem? Sun Jan 08 21:13:04 CST 2012:ERROR:javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated at com.sun.net.ssl.internal.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source) at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128) at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:390) at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:148) at org.apache.http.impl.conn.AbstractPoolEntry.open(AbstractPoolEntry.java:149) at org.apache.http.impl.conn.AbstractPooledConnAdapter.open(AbstractPooledConnAdapter.java:121) at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:561) at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:415) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:820) at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:754) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport$Helper.execute(HttpClientSupport.java:109) at com.eviware.soapui.impl.wsdl.support.http.HttpClientSupport.execute(HttpClientSupport.java:219) at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:195) at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:123) at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source) at java.util.concurrent.FutureTask$Sync.innerRun(Unknown Source) at java.util.concurrent.FutureTask.run(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)5.4KViews0likes7CommentsHow to Enable DEBUG or VERBOSE
I added -verbose:class to the soap*.vmoptions, but nothing is being logged. I want to enable high debug or verbose to show what jar files are being loaded on startup and when I send the xml message. Where do i set that? WSI preference option for verbose is not what i need. Thanks.1.5KViews0likes0CommentsRe: xml message with signature and certificate
I figured out how the tool works...the outgoing security profile adds the signature dynamically, very cool. However, it appears my security agent doesn't like the format...is v4.0.1 building the message (like adding the X509 certificate) differently than 3.0.1. Cause 3.01. doesn't add a <x509certificate> element under the <x509Data> element, which is what the agent is looking for. Thoughts?1KViews0likes0Commentsxml message with signature and certificate
Hello, the following is the xml posted to a protected resource. The protected agent requires a signature and a certificate before authenticating the user. I have no idea how to that, anyone with time to submit a sample? I have the x509 cert in the global ssl keystore value with both the authority cert and the user cert. <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.webservice.my.com/"> <soapenv:Header/> <soapenv:Body> <ser:postUser> <uid>=firstname.lastname</uid> </ser:postUser> </soapenv:Body> </soapenv:Envelope> The Envelop needs to contain a <Signature> and a <userCertificate>, not sure how that should look. Thank you very much.2KViews0likes1Comment