https://linen.dev logo
#help
Title
d

Darren Rose

07/13/2023, 8:14 AM
Hi, I am using https://wiremock.org/docs/standalone/docker/ and I'd like to configure
--https-keystore
to use a self-signed certificate for the domain
ct-mock
- any help/suggestions welcomed
o

Oleg Nenashev

07/13/2023, 9:08 AM
You can pass
--https-keystore
through parameters, and then pass all the necessary Keystore files via Docker volume or custom image.
d

Darren Rose

07/13/2023, 9:20 AM
I used
keytool -genkey -alias profiler -keyalg RSA -validity 3650 -keypass password -keystore wiremock.jks -storepass password -ext SAN=dns:ct-mock,ip:127.0.0.1
and then
--https-keystore /home/wiremock/wiremock.jks
but Google Chrome still reports as invalid cert - not specifically a wiremock issue I guess
o

Oleg Nenashev

07/13/2023, 9:23 AM
Is your certificate verified by a trust root?
d

Darren Rose

07/13/2023, 9:40 AM
I'm not sure what that means 🙂
d

Darren Rose

07/13/2023, 9:46 AM
ah no - I used ``keytool -genkey -alias profiler -keyalg RSA -keysize 1024 -validity 1365 -keypass password -keystore wiremock.jks -storepass password -ext SAN=dnsct mock,ip0.0.0.0``
o

Oleg Nenashev

07/13/2023, 9:47 AM
How did you generate this certificate?
d

Darren Rose

07/13/2023, 9:52 AM
o

Oleg Nenashev

07/13/2023, 9:59 AM
1. Create a self signed certificate..
Well, then the response from Chrome is totally expected, as designed for a common user-focused browser that protects its users from Malicious HTTPs sites
If you want Chrome to operate without such warnings and to go to advanced mode, you need to either issue a valid certificate which would be certified by the trust chain. Or you can configure your browser to accept a custom certificate, it is likely to require an exception from your security team Alternatively, you can use WireMock Cloud that serves HTTPs from a valid certificate provided by the service
🙌 1