Dealing with certs for HTTPS

[Kiruthika Subramanian]

Hi Johan,

Hope you are well.

I run my REST automation against a HTTPS server and I store the certs on the cacerts (java keystore). 

Every time the certs expire I have to update them on the servers that these tests run.

Is there a way to do it from the code? Does REST Assured have something in built to trust certain certs?

Can you please suggest?

I came across this:

http://stackoverflow.com/questions/7256955/java-sslexception-hostname-in-certificate-didnt-match

Please advice.

Thanks,

Kiruthika

[Johan Haleby]

Hi, 

Perhaps it could work to set your own keystore, this has worked for me. If this is not enough it would be really nice if you could help out by allowing RA to set a trust store. There have been some discussions around this in the past.

Regards,

/Johan 

--
You received this message because you are subscribed to the Google Groups "REST assured" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rest-assured...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
 
 

[Kiruthika Subramanian]

Thank you, I will try these and keep you posted.

[Kiruthika Subramanian]

Hello Rekha,

Yes I use the keytool, add the cert to the keystore and run the tests.

This url may help you:

https://www.sslshopper.com/article-most-common-java-keytool-keystore-commands.html

Cheers,

On Tuesday, March 12, 2013 12:43:21 PM UTC-4, Rekha Ramakrishnan wrote:

Hi kiruthika,

Can you share the code on how you import the certificates to cacerts. Is it using keytool?
Also, can you share the piece of code on how you you are referring to the certificates and calling your webservice,

I am new to Rest Assured and trying to test a https url.

Thanks
Rekha

[Rekha Ramakrishnan]

Hello Kiruthika

 

Thank you.

 

I am still getting an error "Peer Not Authenticated", even after I used the keytool and generate the JKS file.

 

Please see my code.   keytool -importkeystore -srckeystore C:/Workspace/RestWSAutomation/Certs/Prod/0000003721.p12 -srcstoretype pkcs12  -destkeystore C:/keys/truststore.jks -deststoretype jks -deststorepass PF8gRcz4UH2p

 

I have used the above truststore.jks in my code

 

RestAssured.baseURI=https://otwsqa.tivo.com/itmind/mind9?;

RestAssured.keystore("C:/keys/truststore.jks","PF8gRcz4UH2p");

RestAssured.given().keystore("C:/keys/truststore.jks", "PF8gRcz4UH2p");

RestAssured.port=443;

RestAssured.urlEncodingEnabled = false;

RestAssured.post("type=customerInfoSearch&tivoSerialNumber=CF0010E335FCF08");

This does not work. Please help.

 

Thanks
Rekha

[Kiruthika Subramanian]

Hi Johan,

I have been researching and investigating around all the forums and the ones you pointed out but nothing has helped me so far.

Although one of the discussion you pointed me to, that person had actually hacked into RESTAssured jar, updated a method and rebuild the jar.

Now that sounds like a solution that I am looking for. 

Do you know a way of getting that new jar (I know I am asking for too much) or are there any near future plans to make REST Assured support this feature?

As always thank you for your time and help.

Cheers,

Kiruthika

On Wednesday, March 6, 2013 2:30:57 AM UTC-5, Johan Haleby wrote:

[Johan Haleby]

Hi, 

Right now I'm in the process of a huge refactoring in RA to extract JsonPath and XmlPath to there own projects. Afterwards I'll look into smaller (in terms of size) issues. 

What you would have to do to see if it works for you is to apply his work to the source code of REST Assured and then build it yourself. If it works for you then submit a pull request.

Regards,

/Johan