Creating and using X.509 certificates to test web services over HTTPS
The use of transport layer security (HTTPS) is a major part of modern web security. The current TLS protocol, often referred to by its predecessor's name, SSL, uses X.509 certificates and, therefore, public key cryptography to keep HTTP traffic private. Many other security schemes, including those from the previous three recipes, can and are often used in conjunction with transport layer security (HTTPS).
In this recipe, we'll focus on testing a RESTful web service over HTTPS hosted on Tomcat. There is nothing really to do in SoapUI to enable HTTPS access, but from a testing perspective, you may still find it necessary to understand what's going on and be able to make assertions about the validity of the certificate details, which SoapUI doesn't provide out of the box.
To really follow what's involved in this recipe, some knowledge of the concepts of public key cryptography and how Java supports them (Java Secure Socket...
