This question already has an answer here:
Do Karate support .avro file as an input request?
(1 answer)
Closed 1 year ago.
I am trying to automate a gRPC service call using Karate-Grpc client as illustrated in https://github.com/pecker-io/karate-grpc. Our service call uses a .pem certificate. How to configure this certificate in .feature file? I have gone through some of the examples which are using the below syntax.Do i need to convert the .pem to .jks?
Background:
* configure ssl = { keyStore: 'util/certificate/abc.xyz.net.jks', keyStorePassword: 'keystorepassword'}
Regards
Debayan
I don't know much about karate-grpc but I think it is highly unlikely that it integrates with the configure ssl part of Karate - which is designed for the HTTP client.
Personally I recommend you writing a gRPC client by hand (one-time effort) including any SSL config or equivalent (which you should have working somewhere in your project already). See this answer for details: https://stackoverflow.com/a/62826394/143475
Related
i have .cert file. .key file and Password pharse and end point. We are using keyStore, we are using file system. How can i pass these in my karate request.
I think you have to convert a .crt file, please read the docs and also this thread (long) may help: https://github.com/intuit/karate/issues/281
Please update here with your findings so that it helps others and you can suggest changes to the docs if required.
Docs: https://github.com/intuit/karate#x509-certificate-authentication
EDIT: as per comment below, solution is to create a keystore out of the *.crt file and a .key file, and then use Karate configure ssl to use the keystore.
In looking to provide a self-hosted ServiceStack backend to a single-page app, I want to require SSL.
I've seen the answers related to configuring the server with the certificate using httpcfg/netsh, but I'd like to not have that configuration step if possible.
I found this answer, but it doesn't compile.
The PrivateKey class is missing. Of course, I'm assuming PrivateKey.Save(...) does something similar to what httpcfg/netsh does during the manual configuration. My question is, is this 'no configuration' approach with SSL on HttpListener possible? Is that previously linked answer even possible? If so, where does PrivateKey come from?
I've spent the better part of this afternoon trying to figure out how to implement SSL/TLS support directly in the Play Framework 2.1 web server without having to use a front end proxy, to no avail. I have all of my certificates signed by a CA and I'm told Play 2.1 supports SSL, but am lost on the configuration options to use in application.conf to set this up. There doesn't appear to be a clear answer out there in the documentation.
Couple questions:
Do I HAVE to convert my .crt and .key files to a .jks file (Java keystore) or can I use them as-is?
If I have to import to the Java keystore, can someone provide some insight into how this is done? I have seen a lot of conflicting documentation on this.
What are the configuration options in the Play Framework 2.1.x application.conf to set this up?
As I stated before, I could not find any clear answers after a couple hours of Googling, so I figured I better ask here. Also, I want to reiterate - I DO NOT want to use a front-end web server like Apache for specific reasons, so I am looking ONLY to set up SSL/TLS support directly in Play.
EDIT:
I have found this thread: http://grokbase.com/t/gg/play-framework/1326s1ttny/2-1-ssl but I can't get any of it to work still. Not sure if I'm created the JKS file correctly by combining all of my bundled CRT files AND the private key into a single file then importing and I'm not sure what I should use for the "path to keystore".
We are trying to use composite templates (fillable PDFs) and embedded signing using the REST API. We are using the docusign_rest gem in conjuction with our custom code to create composite templates and embedded signing. The docusign_rest gem is used for authentication and is giving the following error:
OpenSSL::SSL::SSLError (SSL_connect returned=1 errno=0 state=SSLv3 read server certificate B: certificate verify failed)
On the local dev machine, we simply provided path to a certificate file at the time of starting the dev server, but on a remote machine this is not feasible.
Is it possible to skip the SSL check for a demo purpose? This SO link seems to suggest that it is possible. If yes, then how can we achieve that?
If not, then is there a quick way to fix it or do we have to install SSL certificates and configure the server to read those?
We are using ruby 1.9.3 , rails 3.2.11 and Apache2 (so that would mean enabling the SSL module).
I believe for demo (demo.docusign.net) you can use https OR http. What happens if you simply use http? Does that resolve your SSL error?
In either case, you'll eventually need to resolve this though because for production (www.docusign.net) you need to use https. The problem is most likely in your Ruby code or with your certificate. For testing purposes I'd try making a cURL request through the command line to see if that works.
See here for some examples of making DocuSign REST API calls using cURL
Im trying to use client ssl certificate in JMeter to authenticate on website. The problem is that when i try to import it in SSL Manager, im not getting any message for password, anything. In configuration i've written:
user.classpath=/home/m/Downloads/jre-1.7.0_09/usr/java/jre1.7.0_09/lib/
ssl.provider=com.sun.net.ssl.internal.ssl.Provider
I've added user.classpath because jsse.jar stands there, but i think its not necessary. What am i doing wrong?
To test Client Certificates, use this:
Keystore Configuration
Steps are:
Create your certificates either with Java keytool utility or through your PKI
If created by PKI, import your keys in Java Key Store by converting them to a format acceptable by JKS
Then reference the keystore file through the 2 JVM properties :
-Djavax.net.ssl.keyStore=path_to_keystore
-Djavax.net.ssl.keyStorePassword=password_of_keystore
You use either HTTPClient 3.1 or 4 implementations for HTTP Request
To make JMeter use more than one certificate you need to ensure that:
https.use.cached.ssl.context=false
is set in jmeter.properties or user.properties