Securing MockServices with SSL

The MockService functionality in SoapUI is a simple way to quickly get a working simulation of your Web Service up and running in seconds. Even better, you can secure it with SSL to be sure your client handles this correctly. Check out this mini-tutorial to get going.

Create a new SoapUI project by using the Currency Converter WSDL available at the following URL:

http://www.dataaccess.com/webservicesserver/numberconversion.wso?WSDL

Create project

When SoapUI imports the WSDL, create a mock service. Right-click the created interface and select Generate SOAP Mock Service:

Create MockService

Make sure to enable the Add Endpoint option and click OK. SoapUI will create a mock service for SOAP Binding.

Create MockService

If you now open the default request created for the NumberToDollars request and change the endpoint to the local mock service, you will get the following result:

Default request

To secure the mock service via SSL, we first need to generate a keystore with private and public keys. To do this, use the keytool command-line utility that is included in the JDK installation.

Note: If you do not have the JDK installed, you can download it from the Oracle web site: http://www.oracle.com/technetwork/java/javase/downloads/index.html

  1. Open the command prompt and navigate to the bin folder in your JDK folder (for example, C:\java\jdk1.8.0_112)
  2. Generate a keystore containing our private/public key pair:

    keytool -genkey -alias soapui -keyalg RSA -keystore mock.keystore

    Enter a password for the new keystore and provide the utility with the required information (such as your name, the name of your organization and so on). The command will create a mock.keystore file with generated keys.

  3. In SoapUI, click Preferences on the main toolbar or select File > Preferences and switch to the SSL Preferences page.

  4. Specify the path to the created keystore and the password, as well as the password for the key (even if you specified the same password when creating the keystore):

    SSL Preferences

    If you want the client to provide its certificate, enable the Client Authentication option. In this case, a mock service will compare the client's certificate with the ones stored in the specified truststore. See below how to add a certificate to a trustrore.

  5. Go to your request and edit the endpoint to use the HTTPS protocol:

    SSL endpoint

Import a Certificate

To make your service trust the client, you need to import the client's certificate to the service's trustore. You can do this by using the keytool utility with the –import argument. For example, the following command imports the soapui.cer certificate to the mock.truststore file.

keytool -import -alias soapui -file soapui.cer -keystore mock.truststore