Service Virtualization

Expand all | Collapse all

Usage of jks file for REST step Execution

  • 1.  Usage of jks file for REST step Execution

    Posted 07-07-2016 07:26 AM

    Hi All,

     

    We have a requirement to execute REST step using client certificate.

     

    Provided below details in local.properties, But not working.

     

    Could you please help.

     

    Thanks & regards

    Ram

     

    ## ==============================================

    ## Enable a client cert and password for SSL.

    ## (Used by HTTP Live Invocation Step and Raw SOAP Step Execution -

    ##  also used by Web Service Step Execution if not overridden below)

    ## ssl.client.cert.path = a full path to the keystore

    ssl.client.cert.path = /Applications/CA/Lisa-8.4.0/Projects/RANDEVU/01555keystore.jks

    ## ssl.client.cert.pass = password for the keystore (this password will be automatically encrypted when DevTest runs)

    ssl.client.cert.pass.encrypted = 2d72feef21ce5807762799910c595f20

    ## ssl.client.key.pass = optional password for the key entry if using JKS keystore and key has a different password

    ssl.client.key.pass.encrypted = 2d72feef21ce5807762799910c595f20

    ##                       from keystore (this password is automatically encrypted when DevTest runs)

    ## ssl.client.alias = optional alias to use if the keystore has more than one certificate



  • 2.  Re: Usage of jks file for REST step Execution

    Posted 07-11-2016 11:56 AM

    Hi Ramanujam, have you been able to get this to work yet?

     

    If not, can you please add some additional details.  It would help if we can get an exception or some other type of error so that we narrow down the possible problem.  Otherwise, we are simply giving you a broad range of ideas that may or may not help.  For example,

     

    1) Are you certain that DevTest can access the path you specified above?  The path you use does not look valid if you are running on a Windows OS.  Perhaps you meant a path like:

    ssl.client.cert.path={{LISA_HOME}}/Projects/RANDEVU/01555keystore.jks  

    -- this path assumes the Projects and RANDEVU directories exist under LISA_HOME on every machine that executes this step.  Also, I removed the blank space between 'path = {{' just in case this is an issue.

     

    2) Are you certain the JKS file format is valid?

     

    3) If you are receiving a fatal handshake error, do you need to enable TLSv1.1, TLSv1.2 as https protocols?  Other threads show a resolution for this.

     

    4) Make sure local.properties is updated with the path to the JKS on a machine where Workstation can be executed.  Launch Workstation, open your REST step.  CLICK on the Help menu bar item.  CLICK on HTTP/SSL Debug.  Try executing your step.  Do you see any errors or exceptions in the debug window that might help you?

     

    5) If you do not get much information by using the HTTP/SSL Debug, you can also turn on DEBUG in logging.properties and execute the test as a single step in Workstation.  Similarly, you can do the same by editing the Workstation.VMOPTIONS file in LH/bin and add a -Djavax.net.ssl=DEBUG directive.  (Need to stop/start Workstation if you add a JVM directive)  Both options should add more info into the Workstation.log file.  Look for exceptions or errors that might indicate the issue?

     

    6) And, you might consider folding your client certificate into the LH/webreckeys.ks file.  Use caution if you choose to try this.  Backup webreckeys so you have a restore point.  Remove the override if you do this.

     

    If you can get an exception, please update the question so we can try to help you out.



  • 3.  Re: Usage of jks file for REST step Execution

    Posted 07-13-2016 08:15 AM

    Hi Joel,

     

    Configured the below properties.

     

    ssl.client.cert.path={{LISA_HOME}}/Projects/RANDEVU/01555keystore.jks

     

    Issue was with the jks file and password, Resolved after consulting with internal team.

     

    Thanks for your valuable suggestion.

     

    Thanks & regards

    Ram