Jackie chen

06/12/2023, 2:04 AM
Hello when http clients send a https request to wiremock server and it gets PKIX path building failed: unable to find valid certification path to requested target error e.g. proxy: http://wiremock_host:port (browserProxyEnabled) do you have suggestions on how to avoid this https error without changing http clients as there are many clients in my use case?

Oleg Nenashev

06/12/2023, 6:07 AM
You would need to add WireMock destination to the trust store on your client side. You can do it via JVM args without modifying the client (see ````)

Jackie chen

06/12/2023, 11:01 AM
@Oleg Nenashev I found the $HOME/.wiremock/ca-keystore.jks file on my local machine and added$HOME/.wiremock/ca-keystore.jks onto my http client app as you suggested, but i am getting the following error:
Exception in thread "main" <|>.ssl.SSLHandshakeException: PKIX path validation failed: Path does not chain with any of the trust anchors
at should it be the .jks file on wiremock server not my local machine? but it’s the same file name.
@Oleg Nenashev @Tom after adding jvm argument, it overrides the default location <java-home>/lib/security/ of the keystore/truststore and causes the issue. Could you please suggest how we can keep the default location plus the additional self signed cert of wiremock by this jvm argument?