I am trying to route my soapUI web service requests via fiddler, but it doesn't seems to work. I tried url's like
http://localhost./myservice/myservice.asmx
http://localhost:8888/myservice/myservice.asmx
The later one though goes via fiddler, but it returns the request itself rather than the response from webservice. Any help?
Try File > Preferences > Proxy Settings
Host 127.0.0.1
Port 8888
and use http://localhost/myservice/myservice.asmx
Here is a post that explain this a little bit more
To decrypt HTTPS traffic generated by SoapUI, you may need to import Fiddler certificate into the Java truststore file, cacerts. For SoapUI this file is typically located in "C:\Program Files (x86)\SmartBear\SoapUI-5.0.0\jre\lib\security\" (or whatever version and path you installed it at).
In Fiddler, export the root certificate to your desktop: Tools > Fiddler Options... > HTTPS > Export Root Certificate to Desktop.
Run cmd as administrator.
cd to the security folder of SoapUI's JRE, e.g.:
cd "C:\Program Files (x86)\SmartBear\SoapUI-5.0.0\jre\lib\security\"
Back up the cacerts file:
xcopy cacerts cacerts.bak
Import Fiddler certificate:
..\..\bin\keytool.exe -import -alias fiddler -file "C:\Users\<username>\Desktop\FiddlerRoot.cer" -keystore cacerts -storepass changeit
Here "changeit" is the password to the cacerts store.
When prompted to trust the certificate, enter yes.
Restart SoapUI.
Configure SoapUI to use Fiddler as proxy: go to File > Preferences > Proxy Settings and specify:
Proxy Setting: Manual
Host: localhost
Port: 8888 (or whatever port your Fiddler uses)
Remember to restore the original proxy settings when Fiddler is not running.
Fiddler injects itself automatically as a proxy, but only into the IE stack. SoapUI uses a java stack, so the proxy isn't automatic.
Sometimes it happens that default port 8888 is used by some other application. Like in my case it was python so it did not worked using 8888
So the port number you mention should be the one where Fiddler is listening.
capture snapshots so its easy to understand
Step 1 & Step 2 to be performed on Fiddler
Step 3 & Step 4 on Soapui/ReadyaPI
Have you tried:
http://localhost/myservice/myservice.asmx (without the dot)
UPDATE
Fiddler works by acting as a proxy on your machine. When started it will set itself up on port 8888. That's why you're seeing it work when you use localhost:8888. If you want to use localhost then you'll need to tell fiddler to look at port 80.
From the Internet Explorer main menu, click Tools, click Internet Options, click Connections, click LAN Setting, and finally click Advanced. Now change the port to 80 and see if that works.
Related
I'm following WSO2IS's guide to changing hostname and I feel like they're leaving out a rule that I don't know or they're (again) assuming I should know this.
https://docs.wso2.com/display/IS550/Changing+the+Hostname
I'll do a quick rundown of what I did and I'll put the questions at the end. Each numbered list header is referring to the steps in that guide respectively.
I had my Hostname/MgtHostname set as somename.something.ca
I put the original wso2carbon.jks in a separate folder as a backup and created a new keystore "wso2carbon.jks" using this commandline with adjusted values :
keytool -genkey -alias newcert -keyalg RSA -keysize 2048 -keystore newkeystore.jks -dname "CN=<testdomain.org>, OU=Home,O=Home,L=SL,S=WS,C=LK" -storepass mypassword -keypass mypassword
I was able to export a public key from my keystore by adjusting the command line to their appropriate values.
Same thing as step 3, I just changed the values in the command line so it fit with my alias and public key. I was able to import the public key.
Changed "localhost" to "somename.something.ca" everywhere it existed (identity.xml, authenticators.xml etc...)
Everything ran smoothly and I started my WSO2IS service. However, I was not able to reach somename.something.ca (URL does not exist) and when I tried to access my IS, the SAML SSO referred to localhost again (tried this in Incognito mode too)! I don't know why it kept doing that even after I went into my admin dashboard and changed the SAML SSO Identity Provider name from localhost to the new hostname.
For now, I just want to be able to refer to localhost as a different name and at least be able to access my identity server outside my LAN. I should note that I am testing the WSO2IS on a remote desktop (Windows Server) where we do development for the site.
So should I try my hostname as my IP? Does my hostname actually have to exist or can it just be a placeholder? Does my hostname have to be different from
'localhost' so that I may access it outside my LAN? If I change the hostname, am I able to access the dashboard as 'localhost' AND as my new hostname through the computer where I'm running WSO2IS as a service?
I'm sorry for all the questions, I am new to this stuff and I think there is just so much left out of the WSO2 documentation that I need to know in order to make this work.
Your answers are much appreciated.
EDIT:
Now with my new hostname setup (after following the guide) and while I'm running WSO2IS, my localhost won't load. If I try going to localhost (on Chrome), it will take 30s then say "localhost took too long to load."
I'm currently using IIS so what you need to do is create an active website using the manager. I just created a subdomain and plugged that in for every 'localhost' occuring in my .xml files. That allowed me to change my hostname.
Special thanks to gusto2.
I followed the steps in the SonarQube docs to allow my SonarQube server to use HTTPS by putting a Proxy behind it: https://docs.sonarqube.org/display/SONAR/Securing+the+Server+Behind+a+Proxy
I created an apache server and installed mod_proxy module by following these instructions: http://frvabe.blogspot.com/2016/06/running-sonarqube-behind-proxy.html
When I add the server using http and the default port 9000 the connection is successful. However when I try adding a SonarQube server using https and 8443 I get the fail to request error (Yes I am putting the credentials correctly :)): Error
I am able to access the URL with https and port 8443 from IE i.e. "https://myserver.com:8443/". I login and view all projects with no problem.
I do not see any error logs anywhere (workspace, installation directory, IDE error views, event viewer, etc.)
I know that it has to do with the certificate not being "trusted" since in is a self-signed certificate. Is there a way to tell SonarLint to "Trust" this certificate?
Any help will be greatly appreciated.
Thank you!
JP
You can add this certificate to the java cacerts store.
After that it is trusted for Java. you have to do this for the Java version you are using on Eclipse.
Here is an example of the calls for github.com:
"C:\Program Files\Java\jdk1.8.0_121\bin\keytool" -keystore cacerts –list
"C:\Program Files\Java\jdk1.8.0_121\bin\keytool" -keystore cacerts -importcert -alias github.com -file C:\temp\github.com.cer
Note: you have to open the CMD in the folder where the cacerts file is located. This is normally in C:\Program Files\Java\jre1.8.0_121\lib\security or C:\Program Files\Java\jdk1.8.0_121. The path is here only an example.
I've been using Fiddler in C#.
So far I'm able to intercept requests. However, I need to set a proxy. I did so, the proxy is set.
In Proxy Settings Windows' form, I have for HTTP and Secure: 127.0.0.1 for Proxy address to use and for the Port, 8888.
This is the same that is done when I use Fiddler application directly.
However, when I set it through my C# code, instead of using Fiddler, I can't navigate. My pages give me the message:
Your connection is not secure
What more do I need to do? What Fiddler do that I'm missing to correctly set a proxy?
Usually if it cant make a secure connection, you need to trust Fiddler's root certificate on your development PC. If you are using Firefox you will have to do an additional step to trust the certificate inside FF.
I use Fiddler2 to analyse some pages that use https connections. I enabled HTTPS decryption, but I still see some Tunnel to host:443 entries in my log. I can see decrypted HTTPS traffic in the log, so I assume the decyption works.
I think, that a Tunnel to host:443 entry is created in addition to the decrypted log entry when the connection is opened.
Is my assumption correct or did I miss something?
Yes, this is expected.
If you click on Tunnel to Host:443 you'll see the following on the Statistics tab:
The selected session is a HTTP CONNECT Tunnel. This tunnel enables a client to
send raw traffic (e.g. HTTPS-encrypted streams or WebSocket messages) through
a HTTP Proxy Server (like Fiddler).
You can automatically hide these tunnels if you like by clicking Rules > Hide Connects.
My HTTPS interception and decryption stopped working and this message was also in my logs.
Perhaps it is unrelated but I was able to resolve but exporting the Fiddler certificate to Desktop (Tools > Fiddler Options > Export Root Certificate to Desktop), double clicking it to install it and restarting Fiddler and my Browser.
I have the Fiddler filters setup to "hide" the host "roaming.officeapps.live.com" and it does not show while I am debugging.
But the Fiddler proxy is still causing security issues (incorrect ssl certificate) to office, message relates to that host.
How can get a specific host to bypass Fiddler?
Or is the nature of a proxy based system that all requests go through it regardless?
Tools > Fiddler Options > Connections > Bypass Fiddler for hosts that start with or use the HTTPS tab to Skip decryption for.