Alexander Ashitkin
02/23/2023, 4:25 PMjava.lang.NullPointerException: No password supplied for PKCS#12 KeyStore.
at org.bouncycastle.jcajce.provider.ProvPKCS12$PKCS12KeyStoreSpi.engineLoad(Unknown Source)
at java.base/java.security.KeyStore.load(KeyStore.java:1479)
at java.base/sun.security.ssl.TrustStoreManager$TrustAnchorManager.loadKeyStore(TrustStoreManager.java:365)
at java.base/sun.security.ssl.TrustStoreManager$TrustAnchorManager.getTrustedCerts(TrustStoreManager.java:313)
at java.base/sun.security.ssl.TrustStoreManager.getTrustedCerts(TrustStoreManager.java:55)
at java.base/sun.security.ssl.TrustManagerFactoryImpl.engineInit(TrustManagerFactoryImpl.java:49)
at java.base/javax.net.ssl.TrustManagerFactory.init(TrustManagerFactory.java:278)
at com.github.tomakehurst.wiremock.http.ssl.SSLContextBuilder.loadTrustManagers(SSLContextBuilder.java:92)
at com.github.tomakehurst.wiremock.http.ssl.SSLContextBuilder.loadDefaultTrustManagers(SSLContextBuilder.java:99)
at com.github.tomakehurst.wiremock.http.ssl.SSLContextBuilder.loadTrustMaterial(SSLContextBuilder.java:82)
at com.github.tomakehurst.wiremock.http.HttpClientFactory.buildAllowAnythingSSLContext(HttpClientFactory.java:222)
at com.github.tomakehurst.wiremock.http.HttpClientFactory.buildSslContext(HttpClientFactory.java:154)
at com.github.tomakehurst.wiremock.http.HttpClientFactory.createClient(HttpClientFactory.java:111)
at com.github.tomakehurst.wiremock.http.ProxyResponseRenderer.<init>(ProxyResponseRenderer.java:82)
at com.github.tomakehurst.wiremock.core.WireMockApp.buildStubRequestHandler(WireMockApp.java:181)
at com.github.tomakehurst.wiremock.WireMockServer.<init>(WireMockServer.java:72)
at com.github.tomakehurst.wiremock.junit5.WireMockExtension.startServerIfRequired(WireMockExtension.java:144)
at com.github.tomakehurst.wiremock.junit5.WireMockExtension.beforeAll(WireMockExtension.java:206)
at org.junit.jupiter.engine.descriptor.ClassBasedTestDescriptor.lambda$invokeBeforeAllCallbacks$12(ClassBasedTestDescriptor.java:395)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.jupiter.engine.descriptor.ClassBasedTestDescriptor.invokeBeforeAllCallbacks(ClassBasedTestDescriptor.java:395)
at org.junit.jupiter.engine.descriptor.ClassBasedTestDescriptor.before(ClassBasedTestDescriptor.java:211)
at org.junit.jupiter.engine.descriptor.ClassBasedTestDescriptor.before(ClassBasedTestDescriptor.java:84)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$6(NodeTestTask.java:148)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$8(NodeTestTask.java:141)
at org.junit.platform.engine.support.hierarchical.Node.around(Node.java:137)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.lambda$executeRecursively$9(NodeTestTask.java:139)
at org.junit.platform.engine.support.hierarchical.ThrowableCollector.execute(ThrowableCollector.java:73)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.executeRecursively(NodeTestTask.java:138)
at org.junit.platform.engine.support.hierarchical.NodeTestTask.execute(NodeTestTask.java:95)
I use wire mock in a basic (plain connection/no proxy) scenario, but because of application-wide SSL configuration, it fails:
• Wiremock doesn’t pick up keystore or trust store types from the options - it uses default types. So it picks up the default pkcs12 store type, which is not fips compatible and fails.
• And I cannot work it around by reconfiguring the SSL layer just to let Wiremock run. I tried different options but it seems the only way forward is to configure wiremock server in SSL mode - generate self-signed certs, etc. It feels redundant.
Do you know if I can bypass the SSL setup completely? I use httpsEnabled=false
and don’t need it in my scenarios.
Thank youTom
02/23/2023, 5:08 PMAlexander Ashitkin
02/23/2023, 5:26 PMTom
02/24/2023, 10:08 AM