Skip to Content
0
Former Member
Apr 28, 2014 at 08:45 AM

HTTPS using SOAP and sharing certificates

614 Views

Hi Experts,

We have been able to activate HTTPS port in our PI system and created a scenario with SOAP sender with option -- >> HTTPS without client authentication.


Now, we generated the URL from sender agreement -- >> https:<host>:<port>:XISOAPAdapter/MessageServlet?........

When we try to test this from SOAPUI, an error message is received that - Client Certificate is required.

Now in NWA, under Security - >> SSL, we could find Private key and have uploaded the same in SOAPUI Keystore... But the error persists.

Just to emphasie we are just using self-generated certificate which is not signed by any CA.

Now questions or rather confusions:

1. If PI is hosting a service ( SOAP Sender ), exactly what kind of certificate should be exported and imported into SOAPUI or third party ? Private key PK8, PK12 or simply Certificate ?? Where exactly is the Public key ?

2. In case third party hosts the service and PI needs to consume it, I assume third party will share their certificates. Will they share public or private key ? Shall we simply upload it in our key store and it will work ?

3. In case PI and Third Party both are hosting the services so do we need 2 Set of certificates for scenarios to work ? ( One generated at each server ?)

I have read blogs, discussions but have seen varying opinions and hence wanted to clarify.

Thanks..

regards,

Omkar.