Many of you who've Googled around for SoapUi - Burp would have seen my earlier post on it, and also a cooler post here.
This time I also had a JKS client certificate that I needed to send to invoke a web-service method. Turns out that while Burp accepts certificates..it doesn't directly accept JKS certs - you need to convert it into PKCS12 instead.
You can easily convert a JKS cert into a PKCS12 cert using the keytool utility that comes along with JDK. Here is the exact command that you need to run to do that.
Make sure that you use this exact command. That's coz there's plenty of other interactive variants to this..but using any of those turn up with a number of weird errors related to incorrect passwords or padding or something else while attempting to import the cert.
Once you have the PKCS12 file, navigate to Options - SSL - Client SSL certificates and add your certificate there.
Configure SoapUI to talk to Burp now as per this or this.. and you should be all set. Have fun :)
This time I also had a JKS client certificate that I needed to send to invoke a web-service method. Turns out that while Burp accepts certificates..it doesn't directly accept JKS certs - you need to convert it into PKCS12 instead.
You can easily convert a JKS cert into a PKCS12 cert using the keytool utility that comes along with JDK. Here is the exact command that you need to run to do that.
keytool -importkeystore -srckeystore -srcstorepass -destkeystore -srcstoretype JKS -deststoretype PKCS12 -deststorepass
Make sure that you use this exact command. That's coz there's plenty of other interactive variants to this..but using any of those turn up with a number of weird errors related to incorrect passwords or padding or something else while attempting to import the cert.
Once you have the PKCS12 file, navigate to Options - SSL - Client SSL certificates and add your certificate there.
Configure SoapUI to talk to Burp now as per this or this.. and you should be all set. Have fun :)
No comments:
Post a Comment