https://linen.dev logo
#general
Title
# general
j

Jackie chen

06/12/2023, 2:04 AM
Hello when http clients send a https request to wiremock server and it gets messagesun.security.validator.ValidatorException PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target error e.g. https://sample.com proxy: http://wiremock_host:port (browserProxyEnabled) do you have suggestions on how to avoid this https error without changing http clients as there are many clients in my use case?
o

Oleg Nenashev

06/12/2023, 6:07 AM
You would need to add WireMock destination to the trust store on your client side. You can do it via JVM args without modifying the client (see ``-Djavax.net.ssl.trustStore``)
j

Jackie chen

06/12/2023, 11:01 AM
@Oleg Nenashev I found the $HOME/.wiremock/ca-keystore.jks file on my local machine and added -Djavax.net.ssl.trustStore=$HOME/.wiremock/ca-keystore.jks onto my http client app as you suggested, but i am getting the following error:
Exception in thread "main" <http://javax.net|javax.net>.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchors
at sun.security.ssl.Alert.createSSLException(Alert.java:131) should it be the .jks file on wiremock server not my local machine? but it’s the same file name.
@Oleg Nenashev @Tom after adding jvm argument -Djavax.net.ssl.trustStore, it overrides the default location <java-home>/lib/security/ of the keystore/truststore and causes the issue. Could you please suggest how we can keep the default location plus the additional self signed cert of wiremock by this jvm argument?
6 Views