Hi, I have a Spring Boot 3 app with Java 17 and I'...
# help
f
Hi, I have a Spring Boot 3 app with Java 17 and I'm using Bundles running on Ubuntu 24.04 Linux, with keystore.p12 and truststore.p12 files in PKCS12 format. All theese works ok for the project, but the problem I'm having es that WireMockServer does not like something on theese files, or happens something that I can't find out. This is the Bundles config in application.yml
Copy code
spring:
   ssl:
      bundle:
         jks:
            client:
               reload-on-update: true
               keystore:
                  location: classpath:${keystore/server-keystore.p12}
                  password: (a password)
                  type: PKCS12
               truststore:
                  location: classpath:${keystore/server-truststore.p12}
                  password: (a password)
                  type: PKCS12

wiremock:
   enabled: true
   port: 8081

server:
   port: 8441
   ssl:
      enabled: true
      enabled-protocols: TLSv1.3
      client-auth: none
      bundle: server
And this is the WireMockConfig configuration class:
Copy code
@Configuration
public class WireMockConfig {

    @Value("${wiremock.enabled}")
    private boolean wireMockEnabled;

    @Value("${wiremock.port:0}")
    private int wireMockPort;

    @Value("${server.ssl.enabled}")
    private boolean sslEnabled;

    @Value("${spring.ssl.bundle.jks.client.keystore.location}")
    private String jksClientKeystoreLocation;

    @Value("${spring.ssl.bundle.jks.client.keystore.password}")
    private String jksClientKeystorePassword;

    @Value("${spring.ssl.bundle.jks.client.keystore.type}")
    private String jksClientKeystoreType;

    private WireMockServer wireMockServer;

    @Bean
    public WireMockServer wireMockServer() {
        if (wireMockEnabled && wireMockPort > 0) {
            if (sslEnabled) {
                // Configuración de SSL
                wireMockServer = new WireMockServer(wireMockConfig()
                        .keystorePath(jksClientKeystoreLocation)
                        .keystorePassword(jksClientKeystorePassword)
                        .keystoreType(jksClientKeystoreType)
                        .httpsPort(wireMockPort));
            } else {
                wireMockServer = new WireMockServer(wireMockConfig()
                        .port(wireMockPort));
            }
            wireMockServer.start();
            return wireMockServer;
        }
        return null;
    }

    @PreDestroy
    public void stopWireMockServer() {
        if (wireMockServer != null && wireMockServer.isRunning()) {
            wireMockServer.stop();
        }
    }
}
The jksClientKeystoreLocation variable have "classpath:keystore/server-keystore.p12" The jksClientKeystorePassword variable have the correct password The jksClientKeystoreType variable have "PKCS12" value When running the application I have this error:
Copy code
org.springframework.beans.factory.BeanCreationException: Error creating bean with name 'wireMockServer' defined in class path resource [com/cnd/bndp/controller/config/WireMockConfig.class]: Failed to instantiate [com.github.tomakehurst.wiremock.WireMockServer]: Factory method 'wireMockServer' threw exception with message: java.lang.RuntimeException: java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
...
Caused by: org.springframework.beans.BeanInstantiationException: Failed to instantiate [com.github.tomakehurst.wiremock.WireMockServer]: Factory method 'wireMockServer' threw exception with message: java.lang.RuntimeException: java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
...
Caused by: com.github.tomakehurst.wiremock.common.FatalStartupException: java.lang.RuntimeException: java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
...
Caused by: java.lang.RuntimeException: java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
...
Caused by: java.security.UnrecoverableKeyException: Get Key failed: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
...
Caused by: javax.crypto.BadPaddingException: Given final block not properly padded. Such issues can arise if a bad key is used during decryption.
	at java.base/com.sun.crypto.provider.CipherCore.unpad(CipherCore.java:862)
	at java.base/com.sun.crypto.provider.CipherCore.fillOutputBuffer(CipherCore.java:942)
	at java.base/com.sun.crypto.provider.CipherCore.doFinal(CipherCore.java:735)
	at java.base/com.sun.crypto.provider.PBES2Core.engineDoFinal(PBES2Core.java:325)
	at java.base/javax.crypto.Cipher.doFinal(Cipher.java:2205)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.lambda$engineGetKey$0(PKCS12KeyStore.java:371)
	at java.base/sun.security.pkcs12.PKCS12KeyStore$RetryWithZero.run(PKCS12KeyStore.java:257)
	at java.base/sun.security.pkcs12.PKCS12KeyStore.engineGetKey(PKCS12KeyStore.java:361)
	... 55 common frames omitted
Any idea what could cause this? Very thanks!
l
Hi, are you seeing any errors or stack traces ?
f
Yeah, sorry, I pressed Enter while writing all the info 🙂
Edited the original message.
I can open the keystore file with an external tool using the same password, so this file is ok and I'm using it on other APIs.
Any help with this? Without SSL is working ok, but with SSL does not.
Finally solved the problem.
l
Hi. Sorry for the delay in getting back to you. Been a little busy in the office. Great to hear you have solved the problem. Could you let us know what the issue was ?
f
I did set the truststore configuration and taked out an applicationReady event in which I did some test call to a mocked service that caused the problem. Calling the same mocked endpoint from Postman did solve it. I think that it have something related to the app not really ready for calling the test endpoint inside the applicationReady event.
👍 1
214 Views