How Do I load an use a client certificate for outgoing SOAP messages

drich
Kilo Explorer

‎08-05-2015 07:42 AM

I have tried to create a protocol (xssl) to use my COMODO client certificate (I have tried to use it using .pfx, cer, and JavaKeyStore file formats.

In each case, when I enable mutual authentication, I get an error 500, and a log saying:

SOAP Msg Outbound - SOAPMessageClient : Error executing SOAP request: java.lang.IllegalStateException: unsupported protocol: 'xssl': org.apache.commons.httpclient.protocol.Protocol.lazyRegisterProtocol(Protocol.java:149)

org.apache.commons.httpclient.protocol.Protocol.getProtocol(Protocol.java:117) ...

I do not need to validate the server cert, but I do need to provide the client cert to the remote server.

Any help would be greatly appreciated.

thanks,

Dave

Labels:
0 Helpfuls
  • 3,219 Views
9 REPLIES 9

tony_barratt
ServiceNow Employee
ServiceNow Employee

‎08-05-2015 09:16 AM

Hi Dave,



First check - are you on Fuji?


Outbound Web Services Mutual Authentication - ServiceNow Wiki


..


You can configure a SOAP or REST message for mutual authentication using a protocol profile, starting with the Fuji release.






and not using a MID Server?




Best Regards




Tony






0 Helpfuls

drich
Kilo Explorer

‎08-05-2015 10:24 AM

Yes I am using Fuji and not using a mid server.   I can access the service using SOAP UI and the cert in the .pfx format.


I have read the Outbound Web Services link a million times



I assumed that if I made a JavaKeyStore containing the client certificate, then I would reference that with the protocol.


I tried that and it did not work (as well as a hundred other combinations.



It appears that the script can not attach the cert to the outgoing cert message when I click the test link off the message.


Attached are screenshots of the cert, protocol,and service



Thanks for your response.


Preview file
99 KB
Preview file
20 KB
Preview file
99 KB
XSSLprotocolprofile.zip
0 Helpfuls

brad_hicks
Giga Expert
In response to drich

‎12-04-2015 06:16 AM

Hi David,



Were you able to get past this issue?   I'm running into the same issue right now and I was hoping someone could shed some light on this.   Everything is setup per wiki for mutual auth but it continues to return an "unsupported protocol:" message.


0 Helpfuls

vikibulchandani
Tera Contributor
In response to brad_hicks

‎03-01-2017 04:03 AM

Hi Brad,



Did you happen to figure out the issue? I am running into same issue currently.



Regards,


Vikas.


0 Helpfuls