Decrypting SOAP messages

To avoid console errors, you must decrypt incoming SOAP messages if any are encrypted.

Before you begin

Go to the Physical View and add identity stores for HCL OneTest™ API. For information on how to define and configure identity stores, see Identity stores and SSL.

About this task

If any elements of an incoming SOAP message are encrypted, errors will be displayed in the Console view of the Test Lab perspective unless the message is decrypted. To enable decryption, you need to add a decrypt action to the response.

The ability to decrypt SOAP messages is available only in HCL OneTest API 8.5.0 or later.


  1. Open the incoming SOAP message that is part of a test or stub for editing:
    • In case of a test, double-click a message action.
    • In case of a stub, open the Input tab and double-click a message action.
  2. In the Config tab, right-click the SOAP message node and select Properties.
  3. On the WS-Security page, ensure that the Enable field is selected.
  4. Select Decrypt from the list. The Decrypt editor is displayed.
  5. Configure the decrypt action.

    The following table outlines the parameters and options that are used for decrypting a SOAP message:

    Field Description
    Transformation Name (Required) A unique name for the decryption action. This helps you identify it in the main list.
    Keystore The HCL OneTest API identity store that you created and configured (see Before you begin). Select the appropriate one from the list.
    Certificate Alias The alias of the private key to use from the keystore to decrypt the message. For example, ca.
    Password The password that the selected keystore requires.
    Actor The actor that selects which header to use in case the incoming SOAP message contains more than one WS-Security header.
    Must understand?

    Indicates whether or not the receiver (indicated by the Actor attribute) is required to process a header entry. When you set this attribute to true, the actor must understand the semantics of the header entry and must process it correctly to those semantics. If the value is false, processing the header entry will be optional.
    The Must understand attribute indicates that the semantics in an element are different from the semantics in its parent or peer elements. This facilitates robust evolution ensuring that a change in semantics does not get ignored by those who may not fully understand it.

    This setting applies to sending of SOAP headers only and hence can be ignored.

  6. Click OK.