Sending HTTPS Requests
The HTTPS protocol provides a protected connection between a client and the server by using a security layer (TLS/SSL).
The client requests a certificate from the server to verify the server’s identity. The server in its turn may also request a certificate from the client. In SoapUI, you can specify a certificate for outgoing requests. This topic describes how to do this. To learn how to configure a mock service to use SSL, see Securing MockService With SSL.
Create a Certificate
To sign a request, you need to generate a private/public key pair. To do this, you can use the keytool utility that is included in the JDK installation. Open the command prompt and navigate to the bin folder in the JDK folder (for example C:\java\jdk1.8.0_112\bin). Execute the following command to create a keystore:
keytool -genkey -alias soapui -keyalg RSA -keystore soapui.keystore
You must enter a password for the new keystore and provide the utility with the required information (such as your name, the name of your organization and so on).
To export a certificate with your public key, execute the following command:
keytool -export -alias soapui -file soapui.cer -keystore soapui.keystore
You can use this certificate to provide your public key to your web service. For example, you can import it to the mock’s trustrore.
Use the Client Certificate for One Request
To sign a single request with a certificate:
Double-click the project node.
Open the WS-Security Configuration tab and switch to the Keystores tab.
On the Keystores tab, click to add a keystore.
Select your keystore and specify its password. The new keystore will appear in the list.
Open the desired request. On the Request Properties tab, select the added keystore from the SSL Keystore drop-down list:
Use the Client Certificate for All Requests
To sign all the requests from SoapUI:
Click Preferences on the main toolbar or select File > Preferences.
In the SoapUI Preferences dialog, switch to the SSL Settings tab.
Specify the full path to your keystore file and the keystore password:
Note: To learn about the other options on this page, see Securing MockService With SSL.
No one knows APIs better than SmartBear. Find out what our Pro version of SoapUI can do to improve your testing.