Skip Navigation
Expand
Enforce TLS v1.2 in SoapUI
Answer ID 8387   |   Last Review Date 09/26/2018

How can I enforce TLS v1.2 in SoapUI?

Environment:

Applies to all versions of Oracle Field Service (OFS)

Issue:

I cannot make soap requests to OFSC using SoapUI

Use Case Scenario:

OFS environment has been updated to not use SSLv3, TLS v1.0 and TLS v1.1 but my site is behind AKAMAI and these protocols are still enabled on AKAMAI end.

Resolution:

When making soap requests to your desired WSDL, such as: https://api.etadirect.com/soap/inbound/?wsdl, with SoapUI and your side is behind AKAMAI, SoapUI will connect AKAMAI via a lower protocol than TLS v1.2 because AKAMAI still supports those protocols until official deprecation on Feb 16th for OFS test environments and March 11th for OFS production environments.

Once AKAMAI sends the soap request to OFS via a deprecated protocol, this call fails and errors are returned to the client, such as HTTP Error 403 Access Denied.

To enforce SoapUI to make calls only via TLS v1.2 you need to modify the application configuration as follows:

1. Go to your SoapUI folder, usually located in C:\Program Files\SmartBear\SoapUI

2. Open folder "bin"

3. Open file "SoapUI-{version}.vmoptions" in a text editor, such as Notepad. Note that {version} is your version of SoapUI and could be 5.1.2, 5.2.1, etc.

4. Add this as a new line in the document: -Dsoapui.https.protocols=TLSv1.2

5. Save the file. Note that you may need administrator rights to save the file in this location

Once performed, open SoapUI and test connectivity.