Forum Discussion
Ha, sorry for the confusion, i meant a business client. So this keystone would need their certificate info, or mine. They had us provide our certificate, port info, IP, etc. They use that to let us through their firewall.
So does a keystone file typically have your own info, or the info for the firewall you are trying to get through??
Again I caution you about my lack of knowledge of working with WSDL. But yes the keystore will need their certificate info. That is, they would have to provide you a certificate and a private key fort the activity that caused you to get the SSL exception. Normally they would name the two blobs something like client.crt and client.key. At least that is what my developers give me whenever I need to test their endpoint's REST API. And your role in this case is client.
I normally combine the certificate and key into a p12-format file I think using openssl commands. Then from there use the keytool linux command to go from p12 to the keystore file.
And yes the keystore file typically has the info that your :"business client" must provide for you so that you can get through their firewall.
- alphaack6 years agoOccasional Contributor
Bill,
no worries, you're way beyond me. What you explain is interesting, because this business client had us supply them with OUR certificate, etc. So you're saying i need THEIR info as well??
The WSDL is defined with no authentication, so my understanding is that by providing them with our certificate, port info, etc, this is how they "vet" us and allow us to go through their firewall and consume their web service....
Al
- Bill_In_Irvine6 years agoContributor
I can see how they could make use of your info. I think I am getting into a topic I hope I will not regret. The SSL.exception threw me off because apparently you received that exception. When I got that exception it was from not having the certificate and key that the server side must provide me in order for me to test their REST API. Otherwise I notify the people involved and twiddle my thumbs.
I suspect the WSDL is when you are making yourself a web service - a server, and the endpoint is possibly a client in the client/server sense after all. That would make sense that you need to send your credentials to the client. But the SSL.Exception threw me off. I think this exception might be possible if you are a web service. I have not tried the WSDL examples that ReadyAPI gave me.
Seems that both you and I are missing some information. Hopefully someone else from the SoapUI community can be of better help.
Bill
- alphaack6 years agoOccasional Contributor
Bill,
thanks again, you've been a big help !
- alphaack6 years agoOccasional Contributor
Hi Richie,
No i have not. Issue remains - i substitute the "new" endpoint , but do not succeed in reaching the webservice i am trying to consume. If you are interested, i can send you the logs generated when i attempt this.
thanks much
Al
- richie6 years agoCommunity Hero
Yes please.
I'm never used certificate authentication in soapui - so I don't know how much help I can be - but I've got a similar setup in one of my projects (hitting a 3rd party's endpoint) to what you've described so a trawl through your logs and a comparison of mine might help to point us in the right direction.
Cheers,
richie
- alphaack6 years agoOccasional Contributor
okay, i'm in a meeting right now, but will send those logs
thanks!