How to enable HTTPS for standalone Wiremock

Asked 4/10, 2016 at 10:49 Answered 14/7, 2024 at 23:0

Overview:

I used wiremock standalone 2.1.11 and did the following to enable HTTPS URL for my request but to no avail:

Studying the doc http://wiremock.org/docs/running-standalone/
Adding --https-port but nothing happened
Adding keystore but again no progress

The command for running the wiremock is as follows:

java -jar wiremock-standalone-2.1.11.jar --port 8920 --https-port 8921 --https-keystore /home/wiremock/keystore/clientkeystore --verbose

Note: I can connect via http port correctly

Now I would be grateful if anyone could help me find solution for HTTPS connection.

Threesquare answered 4/10, 2016 at 10:49 Comment(2)

Is your keystore password different from "password"? (The documentation explicitly states "The keystore must have a password of “password”.") – Horatius 8/10, 2016 at 15:36

No I created the keystore base on the wiremock https doc and used "password" as my keystore pass – Threesquare 10/10, 2016 at 5:59

Generate java key store for wiremock
```
 keytool -genkey -alias wiremock -keyalg RSA -keysize 1024 \
 -validity 365 -keypass password -keystore identity.jks -storepass password
```
Important --- Follow the prompts to specify the certificate details:
- First and last name: this is not your name, it is the Common Name (CN), for example 'confluence.example.com'. The CN must match the fully qualified hostname of the server running Confluence, or Tomcat won't be able to use the certificate for SSL.
- Organizational unit: this is the team or department requesting the certificate, for example 'marketing'.
- Organization: this is your company name, for example 'SeeSpaceEZ'. City, State / province, country code: this is where you're located, for example Sydney, NSW, AU.

Create the self-signed certification

openssl req -x509 -nodes -days 365 -newkey rsa:2048 -keyout localhost.key -out localhost.crt -config localhost.conf

Import certification into keystore

 keytool -import -trustcacerts -alias mock -file localhost.crt -keystore identity.jks

Start wiremock with the new keystore and HTTPS enabled

 java -jar wiremock-1.54-standalone.jar --https-port 8443 --https-keystore 
 ./identity.jks

Resources:

The answer is from https://gist.github.com/mobmad/433ba54e9cb97d6d7771#1-generate-self-signed-certificate

Privatdocent answered 19/6, 2018 at 0:39 Comment(2)

what do you mean by the first bullet... what does it have to do with confluence? why would you want to make a certificate for it? I thought we need a CA for the wiremock to create its own certificates, not some specific certificate? – Hage 21/2, 2023 at 9:30

for https, you need to make a CA(any your own local CA) – Privatdocent 28/2, 2023 at 4:55

I faced this issue where I wanted to mock one https ajax call to third party which is invoked during the page load. Our original wiremock setup was done on http and hence we were getting the error

 was loaded over HTTPS, but requested an insecure XMLHttpRequest endpoint

To fix that I simply need to enable the Wiremock server to listen on Secure port (Please see the bold part of the code). Please see below the UtilityClass which starts stop the WireMock Server before each tests.

public class WireMockHook {
    public static final int WIREMOCK_PORT_NUMBER = 8089;
    public static final int WIREMOCK_SECURE_PORT_NUMBER = 8043;
    public static final String WIREMOCK_HOST = "localhost";
    private WireMockServer wireMockServer;

    @Before(order = 0)
    public void startWireMock() {
        wireMockServer = new WireMockServer(wireMockConfig().httpsPort(WIREMOCK_SECURE_PORT_NUMBER).port(WIREMOCK_PORT_NUMBER));
        wireMockServer.start();
        configureFor(WIREMOCK_HOST, WIREMOCK_PORT_NUMBER);
    }

    @After(order = 0)
    public void stopWireMock() {
        wireMockServer.stop();
    }
}

Culinarian answered 27/8, 2019 at 16:21 Comment(0)

If you would like to run WireMock through HTTPS you have two options:

use the default self-signed certificate, what has a documented, well known password: password, or
create your own self-signed certificate with a secret password.

I generated my own private key (genrsa).
Then I generated a certificate with the private key (req -key <PRIVATE_KEY> -days 365 -out <CERT.PEM>).
After that I created a pkcs file that contains the private key and the certificate together which required a password (pkcs12 -inkey <PRIVATE_KEY> -in <CERT.PEM> -out <CERT.PK12>).
On Windows, you need to install the p12 file to key-store. This means a right click on the pk12 file and the Install PFX menu option. During installation Windows required me to provide password to protect private key (as I did not provide one at the time of generation). This is the password what I have to provide as key-manager-password.

In my case, the command that starts WireMock in HTTPS mode, with the above settings, looks like this

java -jar "<WIREMOCK_HOME>\wiremock-standalone-3.6.0.jar" 
--https-port 8443 --https-keystore <PATH_TO_PKCS12_FILE>\wiremock.p12 --keystore-password <PKCS12_FILE_PASSWORD> --keystore-type pkcs12 --key-manager-password <PRIVATE_KEY_PROTECTOR_PASSWORD_IN_CERTIFICATION_STORE>

If you want to disable http mode at the same time add --disable-http too

Horton answered 14/7, 2024 at 23:0 Comment(0)

Recommended topics

Hot tags