Hello, I am trying to setup a proxy for https requests using the WireMock docker, but I am struggling to get it to work. I would like to be able to make a request to

<https://localhost:8443>

and for that to be forwarded to

<https://google.com>

for example. This is what I tried:

// create a pkcs12 keystore
openssl req -x509 -newkey rsa:4096 -keyout key.pem -out cert.pem -days 365 -nodes -subj /CN=localhost
openssl pkcs12 -export -in cert.pem -inkey key.pem -out mycert.p12 -name "WireMockCert"

// start wiremock docker
docker run -it --rm -p 8080:8080 --name wiremock --volume ./:/certs wiremock/wiremock --https-port 8443 --https-keystore /certs/mycert.p12 --keystore-type pkcs12

After installing the cert in the trusted root store on my Windows machine, when I makes requests to

<https://localhost:8443>

, I get

Connection refused

from both Postman and PowerShell. Can someone please explain what I'm missing / doing wrong?

Does it work if you leave out the keystore parameters so that you get WireMock’s default cert?

I had forgotten to open the port on the container. After doing that I now get

The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel

. I assume this is because the self signed cert provided in the container is not trusted. I have tried installing in the Trusted Root Certificate Authorities of my local machine, but I still get the same issue. I used this command to get the certificate from the WireMock server. Is this the right way to get it?

echo -n | openssl s_client -connect localhost:8443 |  sed -ne '/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p' > WireMock.crt

If you’re using forward proxying you need to download the signing cert from https://localhost:8443/__admin/certs/wiremock-ca.crt

Trying that URL gives me

Failed to export certificate authority cert from /root/.wiremock/ca-keystore.jks

and the following error in the container. Looks like

/root/.wiremock/

doesn't exist in the container.

2023-10-16 19:10:02.392 Failed to export certificate authority cert from /root/.wiremock/ca-keystore.jks
java.lang.IllegalArgumentException: resource /root/.wiremock/ca-keystore.jks not found.
        at com.github.tomakehurst.wiremock.common.ParameterUtils.checkParameter(ParameterUtils.java:38)
        at com.github.tomakehurst.wiremock.common.ResourceUtil.getResource(ResourceUtil.java:39)
        at com.github.tomakehurst.wiremock.common.ssl.ReadOnlyFileOrClasspathKeyStoreSource.createInputStream(ReadOnlyFileOrClasspathKeyStoreSource.java:50)
        at com.github.tomakehurst.wiremock.common.ssl.KeyStoreSource.load(KeyStoreSource.java:41)
        at com.github.tomakehurst.wiremock.common.ssl.KeyStoreSettings.loadStore(KeyStoreSettings.java:55)
        at com.github.tomakehurst.wiremock.admin.tasks.GetCaCertTask.execute(GetCaCertTask.java:44)
        at com.github.tomakehurst.wiremock.http.AdminRequestHandler.handleRequest(AdminRequestHandler.java:83)
        at com.github.tomakehurst.wiremock.http.AbstractRequestHandler.handle(AbstractRequestHandler.java:72)
        at com.github.tomakehurst.wiremock.servlet.WireMockHandlerDispatchingServlet.service(WireMockHandlerDispatchingServlet.java:157)
        at wiremock.jakarta.servlet.http.HttpServlet.service(HttpServlet.java:587)
        at wiremock.org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:764)
        at wiremock.org.eclipse.jetty.servlet.ServletHandler$ChainEnd.doFilter(ServletHandler.java:1665)
        at wiremock.org.eclipse.jetty.servlets.CrossOriginFilter.handle(CrossOriginFilter.java:322)
        at wiremock.org.eclipse.jetty.servlets.CrossOriginFilter.doFilter(CrossOriginFilter.java:272)
        at wiremock.org.eclipse.jetty.servlet.FilterHolder.doFilter(FilterHolder.java:202)
        at wiremock.org.eclipse.jetty.servlet.ServletHandler$Chain.doFilter(ServletHandler.java:1635)
        at wiremock.org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java:527)
        at wiremock.org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:221)
        at wiremock.org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1381)
        at wiremock.org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:176)
        at wiremock.org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:484)
        at wiremock.org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:174)
        at wiremock.org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1303)
        at wiremock.org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:129)
        at wiremock.org.eclipse.jetty.server.handler.HandlerCollection.handle(HandlerCollection.java:141)
        at wiremock.org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:122)
        at wiremock.org.eclipse.jetty.server.Server.handle(Server.java:563)
        at wiremock.org.eclipse.jetty.server.HttpChannel$RequestDispatchable.dispatch(HttpChannel.java:1598)
        at wiremock.org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:753)
        at wiremock.org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:501)
        at wiremock.org.eclipse.jetty.server.HttpChannel.run(HttpChannel.java:461)
        at wiremock.org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
        at wiremock.org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
        at wiremock.org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
        at wiremock.org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.produce(AdaptiveExecutionStrategy.java:193)
        at wiremock.org.eclipse.jetty.http2.HTTP2Connection.produce(HTTP2Connection.java:208)
        at wiremock.org.eclipse.jetty.http2.HTTP2Connection.onFillable(HTTP2Connection.java:155)
        at wiremock.org.eclipse.jetty.http2.HTTP2Connection$FillableCallback.succeeded(HTTP2Connection.java:450)
        at wiremock.org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
        at wiremock.org.eclipse.jetty.io.ssl.SslConnection$DecryptedEndPoint.onFillable(SslConnection.java:558)
        at wiremock.org.eclipse.jetty.io.ssl.SslConnection.onFillable(SslConnection.java:379)
        at wiremock.org.eclipse.jetty.io.ssl.SslConnection$2.succeeded(SslConnection.java:146)
        at wiremock.org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:100)
        at wiremock.org.eclipse.jetty.io.SelectableChannelEndPoint$1.run(SelectableChannelEndPoint.java:53)
        at wiremock.org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.runTask(AdaptiveExecutionStrategy.java:421)
        at wiremock.org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.consumeTask(AdaptiveExecutionStrategy.java:390)
        at wiremock.org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.tryProduce(AdaptiveExecutionStrategy.java:277)
        at wiremock.org.eclipse.jetty.util.thread.strategy.AdaptiveExecutionStrategy.run(AdaptiveExecutionStrategy.java:199)
        at wiremock.org.eclipse.jetty.util.thread.ReservedThreadExecutor$ReservedThread.run(ReservedThreadExecutor.java:411)
        at wiremock.org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:969)
        at wiremock.org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.doRunJob(QueuedThreadPool.java:1194)
        at wiremock.org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:1149)
        at java.base/java.lang.Thread.run(Unknown Source)