Comments for: Using OpenSSL to provide the RF SoapLibrary with a TLS client certificate

[samuelpcabral]

Great article and congratulations for the investigation! excellent problem solving... can i put a link to your blog post on the library page? Thank you!

[MichaelHallik]

@samuelpcabral Thank you for the compliment and of course: you can put the link on the library page!

[kmantrala]

@MichaelHallik Hello - this article to test SOAP API using Robot Framework & SoapLibrary is detailed and fantastic. I learned a lot on how the certificates are handled. However I am still facing an issue where the creation of the client itself fails. My API endpoint loads fine in the browser. But, to make a method call, the request needs to be certified and this is where the certificate comes into picture. I got a *.pfx file which has a encrypted private key, and 2 public keys. After following the steps to convert the pfx file into pem file (openssl pkcs12 -info -in mycert.pfx -legacy -out newcert.pem -nodes) I get the pem file with unencrypted private key. And when I make the kw call "SoapLibrary.Create Soap Client ${myWSDL} client_cert=${CURDIR}${/}newcert.pem", I get the following error: SSLError: HTTPSConnectionPool(host='myAPIhost', port=443): Max retries exceeded with url: /myHost.svc (Caused by SSLError(SSLError(9, '[SSL] PEM lib (_ssl.c:3900)')))

I am unable to figure out what is causing this error.

Do you have any suggestions on what might be wrong here?

Thank you.

[PitHar]

Maybe an answer to a question asked a long time ago: You could try using the -noenc parameter in your openssl command. This explicitly removes encryption from the output file. However, be aware that this has security implications for your file.