<@U03N1E342B0> <@U0592TMJU4V> I am using wiremock ...
# wiremock-javas
Sandeep Vinayak
02/26/2025, 3:35 AM@Tom @Lee Turner I am using wiremock as a forward proxy and using wiremock over http which eventually makes https request to dynamodb. My expectation that my client to wiremock doesn't need any ssl configuration setup since that's http. However, it still gives me SSLHandShakeException listed in https://wiremock.org/docs/proxying/#browser-proxying-of-https
Copy code
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested targetSandeep Vinayak
02/26/2025, 5:07 AM Copy code
21:04:58.266 [I/O dispatcher 6] DEBUG o.a.h.i.n.c.InternalHttpAsyncClient - [exchange: 46] connection aborted
21:04:58.266 [qtp239648666-42] DEBUG org.eclipse.jetty.io.ManagedSelector - selected 1 channel=java.nio.channels.SocketChannel[connected local=/127.0.0.1:9003 remote=/127.0.0.1:44428], selector=sun.nio.ch.EPollSelectorImpl@4298605c, interestOps=1, readyOps=1 NetworkTrafficSocketChannelEndPoint@1420f363[{l=/127.0.0.1:9003,r=/127.0.0.1:44428,OPEN,fill=FI,flush=-,to=3/30000}{io=1/1,kio=1,kro=1}]->[DownstreamConnection@2ccdfc5c[l:/127.0.0.1:9003<=>r:/127.0.0.1:44428]]
21:04:58.266 [I/O dispatcher 6] DEBUG o.a.h.i.n.c.PoolingNHttpClientConnectionManager - Releasing connection: [id: http-outgoing-45][route: {tls}-><http://localhost:9003>-><https://datastore-java.cn-shanghai.ots.aliyuncs.com:443>][total kept alive: 0; route allocated: 1 of 300; total allocated: 1 of 300]
21:04:58.266 [qtp239648666-42] DEBUG o.e.j.io.SelectableChannelEndPoint - onSelected 1->0 r=true w=false for NetworkTrafficSocketChannelEndPoint@1420f363[{l=/127.0.0.1:9003,r=/127.0.0.1:44428,OPEN,fill=FI,flush=-,to=3/30000}{io=1/0,kio=1,kro=1}]->[DownstreamConnection@2ccdfc5c[l:/127.0.0.1:9003<=>r:/127.0.0.1:44428]]
21:04:58.266 [I/O dispatcher 6] DEBUG o.a.h.i.n.c.PoolingNHttpClientConnectionManager - Connection released: [id: http-outgoing-45][route: {tls}-><http://localhost:9003>-><https://datastore-java.cn-shanghai.ots.aliyuncs.com:443>][total kept alive: 0; route allocated: 0 of 300; total allocated: 0 of 300]
21:04:58.266 [qtp239648666-42] DEBUG o.e.j.io.SelectableChannelEndPoint - task NetworkTrafficSocketChannelEndPoint@1420f363[{l=/127.0.0.1:9003,r=/127.0.0.1:44428,OPEN,fill=FI,flush=-,to=3/30000}{io=1/0,kio=1,kro=1}]->[DownstreamConnection@2ccdfc5c[l:/127.0.0.1:9003<=>r:/127.0.0.1:44428]]:runFillable:BLOCKING
21:04:58.266 [I/O dispatcher 6] DEBUG o.a.h.n.p.HttpAsyncRequestExecutor - http-outgoing-45 [CLOSED]: DisconnectedSandeep Vinayak
02/26/2025, 5:08 AM Copy code
Caused by: com.alicloud.openservices.tablestore.ClientException: Unexpected error: javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.alicloud.openservices.tablestore.core.CallbackImpledFuture.getResultWithoutLock(CallbackImpledFuture.java:120)
at com.alicloud.openservices.tablestore.core.CallbackImpledFuture.get(CallbackImpledFuture.java:90)
at com.alicloud.openservices.tablestore.SyncClient.waitForFuture(SyncClient.java:575)
at com.alicloud.openservices.tablestore.SyncClient.describeTable(SyncClient.java:164)Sandeep Vinayak
02/26/2025, 5:09 AMHowever, if I try to change the destination endpoint of end service to http, it works fine, which definitely is not secure. Not sure why destination endpoint is impacting the client to wiremock connection.
6 Views