SoapUI client calls on SSL

I guess most of us use SoapUI for calling some local WS for testing purposes and so on. Also many times on our test servers which are using ssl. Here is where soapUI makes everything complicated.

When you make a call on a server with https, which uses a certificate that is not trusted, you get "java.net.SocketTimeoutException: Read timed out" and that happens because soapui when making the ssl connection does not trust that certificate.

I found then this post http://geekswithblogs.net/gvdmaaden/archive/2011/02/24/how-to-configure-soapui-with-client-certificate-authentication.aspx and found help on the second step.

In case that link gets broken the necessary info is:

Open the file C:\Program Files\eviware\soapUI-3.6.1\bin\ soapUI-3.6.1.vmoptions and add this line at the bottom:

-Dsun.security.ssl.allowUnsafeRenegotiation=true

I hope this is the last time I have to look for this info! 

java.security.UnrecoverableKeyException: Get Key failed: / by zero

I got this baby when my config like this on my conduit:

<sec:keyManagers >
   <sec:keyStore type="PKCS12" password="passwordForStore"
                  file="cert/key.pfx"/>
</sec:keyManagers>
  

Tip: ALWAYS put a password on the certificate which is inside the store, I exported it with internet options on windows and set a password. This goes for the keystore ONLY not the truststore.

Afterwards it looks like this:

<sec:keyManagers keyPassword="passwordForCertificate" >
   <sec:keyStore type="PKCS12" password="passwordForStore"
                  file="cert/key.pfx"/>
</sec:keyManagers>

cxf how to get the counduit name right

First I must say the best technique is to first get everything working with the wildcard name:

 <http-conf:conduit name="*.http-conduit">

After that to get the conduit name ok I had to do some digging. The suggestion came from this comment.

He suggested to debug org.apache.cxf.configuration.spring.ConfigurerImpl although where I actually found what I wanted was in:

org.apache.cxf.endpoint.ClientImpl.prepareConduitSelector

There I added a breakpoint and got the default conduit selector (the instance var is called conduitSelector). When you'll be able to get a hold of it check its inherited fields (yes I use netbeans)->selectedConduit->endpointInfo->Inherited->name (type QName) there you have the namespace and the localPart (portname). This debug works only if you are trying to send a message, context starting is not enough.

For those who just want to try without the debugging I used the target namespace of my wsdl and for the portname, just try the port name on the wsdl and append "Port". (it is not the service name! it's the port name!)