<@U03N1E342B0>
i have imported Wiremock self signe...
# helpj
Jackie chen
04/05/2024, 3:42 AM@Tom
i have imported Wiremock self signed certifiicate ca-keystore.jks into Java8's default cacerts to be trusted on clients,
can it be used in java 8 http clients to send a https request to Java 17 Wiremock ?
i am getting the following error after starting up wiremock with Java 17 java --add-exports=java.base/sun.security.x509=ALL-UNNAMED
Path does not chain with any of the trust anchors; nested exception is <http://javax.net|javax.net>.ssl.SSLHandshakeException: PKIX path validation failed: java.security.cert.CertPathValidatorException: Path does not chain with any of the trust anchorsJackie chen
04/05/2024, 11:10 PMgiving more information
i imported Wiremock's self signed cert into Java8 cacerts using keytool -importkeystore -srckeystore ca-keystore.jks -destkeystore cacerts -srcstoretype jks -alias Alias and start Wiremock with --add-exports=java.base/sun.security.x509=ALL-UNNAMED on Java 17 with enableBrowserProxy started through WiremockServer WireMockConfiguration programmatically.
then on api clients, i add -Djavax.net.ssl.trustStore=<path to cacerts> but i am getting
Path does not chain with any of the trust anchorsJackie chen
04/06/2024, 1:48 AMUpdate: looks like it works when i import Wiremock's self signed cert again from $HOME/.wiremock/ca-keystore.jks
the previous version has become not working not sure why
Working version
Copy code
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 1 entry
Alias name: wiremock-ca
Creation date: Nov 9, 2023
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=WireMock Local Self Signed Root Certificate
Issuer: CN=WireMock Local Self Signed Root Certificate
Serial number: 5ff6b7c6
Valid from: Thu Nov 09 09:36:44 JST 2023 until: Wed Nov 09 09:36:44 JST 2033
Certificate fingerprints:
SHA1: C7:90:7E:48:B9:F9:CC:A6:CB:50:F4:37:3C:D1:F1:A3:01:99:BF:51
SHA256: 2A:45:7E:57:21:8F:DC:01:C1:9C:6B:05:E2:D3:17:2E:3B:33:63:4A:50:4F:D8:FC:16:06:9E:4B:3C:8F:B3:30
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:
#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: C1 43 C5 71 4D 8C 5D 97 9E 91 54 B4 5A C4 17 D7 .C.qM.]...T.Z...
0010: 3B 57 AE 3F ;W.?
]
]
#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
#3: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
#4: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: C1 43 C5 71 4D 8C 5D 97 9E 91 54 B4 5A C4 17 D7 .C.qM.]...T.Z...
0010: 3B 57 AE 3F ;W.?
]
]
*******************************************
******************************************* Copy code
Keystore type: JKS
Keystore provider: SUN
Your keystore contains 2 entries
Alias name: alias
Creation date: Jun 12, 2023
Entry type: trustedCertEntry
Owner: CN=WireMock Local Self Signed Root Certificate
Issuer: CN=WireMock Local Self Signed Root Certificate
Serial number: 4cc574e1
Valid from: Thu May 25 11:19:32 JST 2023 until: Wed May 25 11:19:32 JST 2033
Certificate fingerprints:
SHA1: B9:3B:7F:8B:D0:A1:63:9F:A3:CA:4F:7A:F7:0D:F9:9C:33:4A:C7:C6
SHA256: C7:46:EE:64:6B:8B:0D:55:F5:E4:0B:C6:9B:32:03:73:2D:51:03:BD:37:F5:CE:E1:54:11:80:F5:F4:45:B3:B8
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:
#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: 00 46 0B A3 46 22 53 A6 3F 74 D8 07 87 07 8E CE .F..F"S.?t......
0010: BB 53 8D 96 .S..
]
]
#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
#3: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
#4: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 00 46 0B A3 46 22 53 A6 3F 74 D8 07 87 07 8E CE .F..F"S.?t......
0010: BB 53 8D 96 .S..
]
]
*******************************************
*******************************************
Alias name: wiremock-ca
Creation date: Dec 17, 2021
Entry type: PrivateKeyEntry
Certificate chain length: 1
Certificate[1]:
Owner: CN=WireMock Local Self Signed Root Certificate
Issuer: CN=WireMock Local Self Signed Root Certificate
Serial number: 1c54b3b7
Valid from: Fri Dec 17 15:09:41 JST 2021 until: Wed Dec 17 15:09:41 JST 2031
Certificate fingerprints:
SHA1: 30:7C:37:0C:F2:28:DA:E2:D5:74:6B:AE:6E:8E:49:FA:9D:CF:E1:2A
SHA256: F3:7E:8B:E3:03:FA:0D:62:2E:45:D9:D8:77:F7:6B:21:4E:03:78:A9:EE:1D:0F:FA:56:F4:8B:08:9C:F6:06:08
Signature algorithm name: SHA256withRSA
Subject Public Key Algorithm: 2048-bit RSA key
Version: 3
Extensions:
#1: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: BA 83 54 D0 01 14 3A 47 1A 10 7B 35 7B D2 B3 86 ..T...:G...5....
0010: 0F E6 CF 9A ....
]
]
#2: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen: no limit
]
#3: ObjectId: 2.5.29.15 Criticality=true
KeyUsage [
Key_CertSign
Crl_Sign
]
#4: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: BA 83 54 D0 01 14 3A 47 1A 10 7B 35 7B D2 B3 86 ..T...:G...5....
0010: 0F E6 CF 9A ....
]
]
*******************************************
*******************************************58 Views