Hi Experts,
We have been able to activate HTTPS port in our PI system and created a scenario with SOAP sender with option -- >> HTTPS without client authentication.
Now, we generated the URL from sender agreement -- >> https:<host>:<port>:XISOAPAdapter/MessageServlet?........
When we try to test this from SOAPUI, an error message is received that - Client Certificate is required.
Now in NWA, under Security - >> SSL, we could find Private key and have uploaded the same in SOAPUI Keystore... But the error persists.
Just to emphasie we are just using self-generated certificate which is not signed by any CA.
Now questions or rather confusions:
1. If PI is hosting a service ( SOAP Sender ), exactly what kind of certificate should be exported and imported into SOAPUI or third party ? Private key PK8, PK12 or simply Certificate ?? Where exactly is the Public key ?
2. In case third party hosts the service and PI needs to consume it, I assume third party will share their certificates. Will they share public or private key ? Shall we simply upload it in our key store and it will work ?
3. In case PI and Third Party both are hosting the services so do we need 2 Set of certificates for scenarios to work ? ( One generated at each server ?)
I have read blogs, discussions but have seen varying opinions and hence wanted to clarify.
Thanks..
regards,
Omkar.