For a POC coming up, we are stuck in the situation where the Server folk refuse to give out the Private Keychain (or password) but the Client folk are desperate to get DevTest in to help alleviate the constraints with service unavailability.
Would it be possible to get the client to send unencrypted traffic to DevTest, DevTest would then use the public key to encrypt the traffic to Server (and vice versa)?
This scenario would allow us to prove the service virtualization without needing the private keystore.
Client [unencrypted data] >>> DevTest [encrypted data] >>> Server
Is this possible? If so, does anyone have an example of how this was set up in the recorder?
Not sure of the exact words you are using..
if the live connection to your server is https:// you CAN do http:// from the app to DevTest, and then HTTPS to the server. In DT 8 (never seen prior),
you check the box on the recorder to 'use ssl to serrver'. (and u can supply the keyfile).. you may have to add a line to the local.properties to get TLS selected first instead of SSLV3.
we have done this multiple times..
The problem is that we don't have the keyfile (or password) only a public certificate file.
The requirement has also changed a bit... the customer now wants the following scenario to happen:
Client (encrypts traffic using a DevTest cert) >>> DevTest decrypts the traffic with its own private key >>> DevTest (reencrypts the traffic with the Server's public key) >>> Server decrypts the message.
Hi Johan, have you completed this POC ? i have similar problem where my client send encrypted data to devtest and devtest has to send encrypted response to server .. AES-128 is algorithm used.. could you please let me know if your problem is applicable to this case as well ?
Could share details please if you have done this POC.. I have got the client private key and included that in devtest keystore and pointed in lisa server local.properties.. still when I see the lisa.vse.request it shows message is not decrypted.. not getting what could be the reason.. do we need anything else get the message decrypted apart from private key usage..