Hi,
I came across the following problem, which is driving me crazy:
I just want to test a web application, which uses a client authentication with
certificates. I downloaded the doc.zip, which contains an example. The problem
is, this example doesn't work. Not because of the missing web application, but
the xml file contains invalid/missing declarations. It would be great to keep
the doc up-to-date since - it is really frustrating if the sample doesn't work.
I am using canoo r_1810 with the following configuration for my test:
<target name="test" depends="wt.defineMacros">
<property name="webtest.keystore.file" value="certs/client.keystore" />
<property name="webtest.keystore.passphrase" value="client" />
<property name="webtest.truststore.file" value=".keystore"/>
<property name="webtest.truststore.passphrase" value="test1234"/>
<property name="webtest.connectioninitializer"
value="com.canoo.webtest.security.SunJsseBaseConnectionInitializer"/>
<property name="webtest.keystore.alias" value="user1" />
<webtest name="Startseite aufrufen">
<config
protocol="https"
host="localhost"
port="8443"
useInsecureSSL="true">
</config>
<invoke url="/index.html" description="Gehe zur Startseite"/>
<verifyTitle text="TEST" />
....
There are two points I don't understand:
1. the truststore-file. What is it for?
2. Whatever I type for the keystore-file, I always get the same error (from
webserver): bad_certificate. And this bothers me, because I can't tell where
the problem lies. Even if I tried a wrong password, the error message remains
the same - it is always the same (even when no certificate is sent).
So, I am lost, because the error message I get doesn't help and the provided
example doesn't show how I can convert a client certificate (a p12 file) into a
keystore and why this is necessary.
I would be very helpful if someone tested a web application with a client
authentication and can provide a working example. I really appreciate your help.
Thanks a lot in advance,
Daniel
