Saturday, October 26, 2013

SoapUI - Client side cert - Burp

Many of you who've Googled around for SoapUi - Burp would have seen my earlier post on it, and also a cooler post here.

This time I also had a JKS client certificate that I needed to send to invoke a web-service method. Turns out that while Burp accepts doesn't directly accept JKS certs - you need to convert it into PKCS12 instead.

You can easily convert a JKS cert into a PKCS12 cert using the keytool utility that comes along with JDK. Here is the exact command that you need to run to do that.

keytool -importkeystore -srckeystore -srcstorepass -destkeystore -srcstoretype JKS -deststoretype PKCS12 -deststorepass

Make sure that you use this exact command. That's coz there's plenty of other interactive variants to this..but using any of those turn up with a number of weird errors related to incorrect passwords or padding or something else while attempting to import the cert.

Once you have the PKCS12 file, navigate to Options - SSL - Client SSL certificates and add your certificate there.

Configure SoapUI to talk to Burp now as per this or this.. and you should be all set. Have fun :)

No comments: