This recipe builds on the concepts of the previous one to show how we can test web services over an HTTPS connection that also requires a client X.509 certificate to be provided as a guarantee of the caller identity. The actual work required to provide the client certificate in SoapUI is very short. So if you are happy enough with the concepts, certificates, and java Keystore handling, then you can just skip to this part. The entire recipe covers creating the required client and server key pairs and configuring Tomcat to insist that SoapUI provides a valid client certificate before allowing access to a simple RESTful resource.