soapUI has been a wonderful tool for testing webservices. It can also generate MockServices which can be used for testing the client if you have the WSDL contract. This is a very quick way to get up and running. You can also add WS-Security to it. There is a very good tutorial on soapUI to for using SSL as well. I wanted to extend this to use 2 way SSL. I have keytool command-line utility for generating keystore and certificates.
On Serverkeytool -genkey -alias server -keyalg RSA -validity 3650 -keystore c:\server.keystore -storepass abcd1234 -keypass abcd1234keytool -export -alias server -keystore c:\server.keystore -storepass abcd1234 -file c:\server.cerkeytool -import -alias client -keystore c:\server.keystore -storepass abcd1234 -file c:\client.cer
Settings on the server prior to generating the mock service:-
On Clientkeytool -genkey -alias client -keyalg RSA -validity 3650 -keystore c:\client.keystore -storepass abcd1234 -keypass abcd1234keytool -genkey -alias client -keyalg RSA -storetype PKCS12 -keystore c:\client.p12 -storepass abcd1234 -keypass abcd1234keytool -export -alias client -keystore c:\client.p12 -storetype PKCS12 -storepass abcd1234 -file c:\client.cerkeytool -import -alias server -keystore c:\client.keystore -storepass abcd1234 -file c:\server.cer
Settings on the client prior to generating the request:-
Once the request is sent and the correct response is obtained after decryption :-
Raw response on client side :-
Raw response on server side:-
NOTE: Generate the request and MockService AFTER saving the SSL preferences and restarting soapUI. It might not work if you do it the other way around. Also, make sure you use https as the endpoint on the client end.
If wrong password is entered in client you will get bad_certificate response and it will not decrypt the response on the client end :-
Hi ejvyas,
ReplyDeleteThanks for the nice explanation on 2-way SSL setup in soapUI.
I tried a setup as explained in your post but always get the error that the keystore has been modified or has been tampered with. I am sure I use the correct password as I can access everything correct with keytool.
If I leave out the Mock Password in the preferences I get a JsseListerner NullPointerException.
As I see you have some experience with setting it up, do you have any idea what might be the problem?
Send me the commands used for creating certificates on the client and server end. Also your soapUI projects
ReplyDeleteHi Maarten,
ReplyDeleteI am also having the same problem i too can access with keytool and correct password i am having socket exception.Please let me know how you sloved your problem
Send me your soapUI project
ReplyDeleteHi,
ReplyDeleteAre you using here two different instances of the SOAPUI? one for sending request and another one for response?
Regards,
Ashish
Hi,
ReplyDeleteWhenever I try to generate response after doing the SSL settings I get error : java.netBindException: Address already in use
Do you know why?
Regards,
Ashish
Send me your soapUI project
Delete