I am also facing issue in proxying HTTPS URL that needs mutual SSL. I understand this
which says "You need to build a trust store containing your client certificate and configure WireMock to use it." but my issue is on top of this.
Proposed solution:
- I think it should use use keystore in line "
.loadKeyMaterial(trustStore, trustStoreSettings.password().toCharArray());" instead of truststore.
- So it should be something like "
.loadKeyMaterial(keystore, keystoreSettings.password().toCharArray());"
- This was keystore will be used to pass as client cert in mutual SSL & truststore will be used to trust target.
Code snippet:
private static SSLContext buildSSLContextWithTrustStore(
KeyStoreSettings trustStoreSettings,
boolean trustSelfSignedCertificates,
List<String> trustedHosts) {
try {
KeyStore trustStore = trustStoreSettings.loadStore(); SSLContextBuilder sslContextBuilder =
SSLContextBuilder.create()
.loadKeyMaterial(trustStore, trustStoreSettings.password().toCharArray()); ------> Change proposed here
if (trustSelfSignedCertificates) {
sslContextBuilder.loadTrustMaterial(new TrustSelfSignedStrategy());
} else if (containsCertificate(trustStore)) {
sslContextBuilder.loadTrustMaterial(
trustStore, new TrustSpecificHostsStrategy(trustedHosts)); --------> This is fine
} else {
sslContextBuilder.loadTrustMaterial(new TrustSpecificHostsStrategy(trustedHosts));
}