Forum Discussion

paulprogrammer's avatar
paulprogrammer
New Contributor
12 years ago

No option to disable server cert validity check

Connecting to our UAT environment which uses a self-signed certificate, there appears to be no configuration to disable the TrustManager validity check which tries to follow the certificate change to the CA. This causes us to be unable to use SoapUI for https testing in our environments that do not use CA-signed certificates (dev, qa, uat, sit).

The SoapUI tool should either have an option to disable certificate chain validation, or to add the certificate to an application-managed keystore which is considered trustworthy.

4 Replies

Sort By
  • Looooooka's avatar
    Looooooka
    12 years ago
    This doesn't answer the question.
    There is no option to "disable server certificate validation"
  • awstahl's avatar
    awstahl
    New Contributor
    12 years ago
    Any follow up to this? I'm having the same problem, and the linked reference to the SSL Settings page is about as bad an answer as you can give.

    Where exactly on that page does it describe how to disable host checking? Which setting, specifically, denotes that SoapUI will not refuse a connection due to a self-signed certificate on the server?

    And considering SoapUI is frequently used as a dev testing tool, why in the hell would it perform strict checking in the first place?!? Who pays for a signed certificate on a dev machine?

    This is seriously infuriating, and I'm ready to chuck soapui altogether... especially considering the ridiculously poor performance of these forums... I've made three posts now, and all indications were that they were successful, but they don't appear when I click "View your posts".