New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
support standalone process with keystore/truststore type #994
Comments
I'll mark this as a feature request. The reason we never bothered putting it in the CLI is that for a while the only practical reason to change it from the default was embedded Android testing. |
Happy to accept a PR if you need this at all quickly. |
Unfortunately, while testing the pull request, I noticed that this alone is not supporting PKCS12 as keystore. In addition the keystore password is required as described in #807. Temporarily setting the password in JettyHttpServer allows using a PKCS12 keystore. As described in the issue, it would break backwards compatibility so I haven't included that change in this PR. |
Sorry for the long delay on this. Is it not sufficient to use the existing |
When I last tested this, it was not sufficient because it is not propagated in the JettyHttpServer. |
Ah yes, it's calling I think this is a rare case where a breaking change might be the best way forward, adding support for both a key store and key manager password as separate config parameters (switching Would you be willing to add this to your PR? |
Ok. I'm on it. Implementation seems to be done but I still have to test it in the next few days. |
Updated the pull request. But I have no idea where to document that it contains the breaking change. |
Perhaps the breaking change could be documented in the release notes? It would be great if this could be merged. I was almost about to start working on a fix for https://github.com/tomakehurst/wiremock/issues/807 when I realised that this fixes it. Thanks @aklemp for addressing this. |
Wiremock 2.19.0
Started in Docker (https://hub.docker.com/r/rodolpheche/wiremock/) which is just bundling Wiremock in the standalone mode. The following arguments are used:
--https-port 8443 --https-keystore /home/wiremock/keystore.p12 --global-response-templating --verbose
As shown in the configuration above, I'm using a keystore in PKCS12 format for various reasons (default in Java 9, Java keytool warnings when using JKS, consistency with other services I use). However, the HTTPS endpoint is only working when giving a keystore in JKS format. I also think to have found the cause.
When using the WiremockRule, the keystore and truststore types can be passed programmatically: https://github.com/tomakehurst/wiremock/blob/2.19.0/src/main/java/com/github/tomakehurst/wiremock/core/WireMockConfiguration.java#L349
This is simply missing in the configuration for the standalone mode: https://github.com/tomakehurst/wiremock/blob/2.19.0/src/main/java/com/github/tomakehurst/wiremock/standalone/CommandLineOptions.java#L240
I don't have a clue why this could be on purpose so it seems to be a bug.
The text was updated successfully, but these errors were encountered: