Forum Discussion
When you say "client" it's sort of confusing because I'm used to client/server in the sense the client sends a REST request or SOAP request to a server. So I hope I am understanding you write.
I don't work with WSDL, so my advice might be totally off. But your own title of the problem is the person who sent you the endpoint does not want you to use the endpoint. The SSL-related error message you got indicated you attempted to use that endpoint. And that got my attention.
Back to your original question, I would not know how to validate their endpoint except with a ping command, since you are not supposed to use their endpoint!
Ha, sorry for the confusion, i meant a business client. So this keystone would need their certificate info, or mine. They had us provide our certificate, port info, IP, etc. They use that to let us through their firewall.
So does a keystone file typically have your own info, or the info for the firewall you are trying to get through??
- Bill_In_Irvine7 years agoContributor
Again I caution you about my lack of knowledge of working with WSDL. But yes the keystore will need their certificate info. That is, they would have to provide you a certificate and a private key fort the activity that caused you to get the SSL exception. Normally they would name the two blobs something like client.crt and client.key. At least that is what my developers give me whenever I need to test their endpoint's REST API. And your role in this case is client.
I normally combine the certificate and key into a p12-format file I think using openssl commands. Then from there use the keytool linux command to go from p12 to the keystore file.
And yes the keystore file typically has the info that your :"business client" must provide for you so that you can get through their firewall.
- alphaack7 years agoOccasional Contributor
Bill,
no worries, you're way beyond me. What you explain is interesting, because this business client had us supply them with OUR certificate, etc. So you're saying i need THEIR info as well??
The WSDL is defined with no authentication, so my understanding is that by providing them with our certificate, port info, etc, this is how they "vet" us and allow us to go through their firewall and consume their web service....
Al
- Bill_In_Irvine7 years agoContributor
I can see how they could make use of your info. I think I am getting into a topic I hope I will not regret. The SSL.exception threw me off because apparently you received that exception. When I got that exception it was from not having the certificate and key that the server side must provide me in order for me to test their REST API. Otherwise I notify the people involved and twiddle my thumbs.
I suspect the WSDL is when you are making yourself a web service - a server, and the endpoint is possibly a client in the client/server sense after all. That would make sense that you need to send your credentials to the client. But the SSL.Exception threw me off. I think this exception might be possible if you are a web service. I have not tried the WSDL examples that ReadyAPI gave me.
Seems that both you and I are missing some information. Hopefully someone else from the SoapUI community can be of better help.
Bill