#524 SSL mock service intermittently uses HTTP instead of HTTPS

open
nobody
general (369)
5
2009-12-22
2009-12-22
Joel Schneider
No

(From my response on forum thread http://www.eviware.com/index.php?option=com_smf&Itemid=99999999&topic=1579.0\)

I've been working on an SSL enabled mock service, but have been seeing a problem that looks like a soapUI bug. When I start the SSL enabled mock service, it sometimes uses HTTP instead of HTTPS. The problem is intermittent, and I haven't yet found a good way to predict whether soapUI (or Jetty?) will use HTTP or HTTPS.

To set up the mock service, I used OpenSSL to generate a host certificate and self-signed CA certificate, and to sign the host certificate using my CA certificate. I used keytool to create a JKS containing the public key portion of the CA certificate, and configured soapUI to use this as the truststore. To create a JKS for the host certificate, I first used OpenSSL to create a PKCS12 file containing the signed host certificate and private key, then used Jetty's PKCS12Import program to create a JKS keystore from the PKCS12 file. (Importantly, the common name of the host certificate matches the fully qualified domain name of the machine running the SSL enabled mock service.)

Depending on how the "Leave MockEngine running when stopping MockServices" preference setting is configured, it is sometimes necessary to restart soapUI (often more than once) to have it switch from HTTP to HTTPS when running the MockService.

Because the soapUI interface doesn't indicate whether a service is using HTTP or HTTPS (i.e. SSL), I've been using Firefox to manually check whether the server responds correctly to http://localhost:8443/ or https://localhost:8443/. It would be nice if soapUI could write a message to the jetty log that indicates whether it is using HTTP or HTTPS for a given MockService.

In soapUI preferences, I have the mock port for SSL set to 8443, so it seems wrong that soapUI/Jetty sometimes runs the service on that port without using SSL.

I've seen this happen in versions 2.5.1 and 3.0.1 of soapUI. Haven't tried 3.5 yet.

Discussion

  • Joel Schneider
    Joel Schneider
    2009-12-22

    archive containing files intended to help reproduce the intermittent HTTP vs. HTTPS problem

     
  • Joel Schneider
    Joel Schneider
    2009-12-22

    • summary: Response Message missing from MockService log Message Viewer --> SSL mock service intermittently uses HTTP instead of HTTPS
     
  • Joel Schneider
    Joel Schneider
    2009-12-22

    OpenSSL config file (forgot to include this in zip archive)

     
    Attachments
  • Joel Schneider
    Joel Schneider
    2010-01-05

    Today I tried running the attached mock service under soapUI 3.5 beta1. In my first 2 attempts, the mock service did not use SSL (https), but the mock service did use SSL (https) on the 3rd attempt (after I restarted soapUI for the 3rd time). So, it appears the intermittent http vs. https mock service problem also exists in version 3.5.

    Additionally, for soapUI 3.5 beta1, I found it useful to update the bouncy castle provider library to bcprov-jdk16-144.jar (see also http://www.eviware.com/index.php?option=com_smf&Itemid=99999999&topic=2931.0\).

     
  • I'm experiencing this issue in version 4.0.1. The symptoms are exactly the same - the mock endpoint sometimes starts with https but other times it starts with http.

     
  • Hello!

    Do you experience the same issues with current nighly version ?

    Regards,
    Vladimir
    SmartBear Software

     

  • Anonymous
    2013-02-19

    I am still seeing this issue in 4.5.1 (in my case, MockService always - not intermittently - starts in HTTP). Has this ever been fixed?

    Thanks,
    John

     
    Last edit: Anonymous 2013-10-20