Friday, 12 June 2015
Transport Layer Security (TLS) 1.2 and SoapUI
We hit an interesting glitch yesterday, whilst trying to test IBM Business Monitor using the SoapUI tool ( http://www.soapui.org/ ).
Having configured IBM HTTP Server (IHS), in front of Monitor, to only support Transport Layer Security (TLS) 1.2, via this directive in httpd.conf : -
SSLProtocolDisable SSLv3 SSLv2 TLSv10 TLSv11
we then saw
when trying to connect to the Business Monitor REST emitter, which is fronted by IHS and the WebSphere Plugin.
Having confirmed that we could happily access the REST URL, via HTTPS, using Firefox, we realised that the issue was with SoapUI.
A few Google searches later, we found this: -
The following parameter must be added to the soapUI vmoptions file:
A spot of trial and some error later, we found that this is the file to which the article refers: -
*BUT* that we needed to start the client using the .EXE file: -
rather than the supplied batch file ( which appears to ignore the .vmoptions file ).
Once we made this change, and started the tool, it all worked.