Programmatically trust Hoverfly Java certificate

Amr Lotfy:

Using Hoverfly-java to mock a web service in a unit test, and using HttpClient as the web client, found that the Hoverfly proxy settings are propagated correctly using Hoverfly, useSystemProperties()but I still get the TLS error: Unknown certificate, I have to manually add the certificate to the key using library

wget https://raw.githubusercontent.com/SpectoLabs/hoverfly/master/core/cert.pem
sudo $JAVA_HOME/bin/keytool -import -alias hoverfly -keystore $JAVA_HOME/jre/lib/security/cacerts -file cert.pem

I need to add Hoverfly SSL context without above two commands, I have tried:

CloseableHttpClient httpClient = httpClientBuilder.useSystemProperties().setSSLContext(SomeTestClass.hoverflyRule.getSslConfigurer().getSslContext()).build();

But still there is TLS error, any ideas?

I know it's possible to run from the above two commands using java code, ProcessBuilderbut this creates security issues as it requires sudo access and unwanted exploits (which also won't work).

Amr Lotfy:

After contacting Hoverfly support, my work is as follows

CloseableHttpClient httpClient = HttpClients.custom()
            //.setConnectionManager(poolingConnectionManager) //this causes TLS errors so I commented it out until this final issue is solved.
            .setRetryHandler(new DefaultHttpRequestRetryHandler(2, true))
            .setKeepAliveStrategy(new DefaultConnectionKeepAliveStrategy())
            .setDefaultRequestConfig(requestConfig)
            .setDefaultCredentialsProvider(credsProvider)
            .setDefaultHeaders(headers)
            .useSystemProperties()
            .build();

I'm still having issues using setConnectionManager()(resulting in TLS errors again), these are the settings I need to add for the newly created settingsHttpCleint

PoolingHttpClientConnectionManager poolingConnectionManager = new PoolingHttpClientConnectionManager(30, TimeUnit.SECONDS);
poolingConnectionManager.setMaxTotal(1000);
poolingConnectionManager.setDefaultMaxPerRoute(1000);

renew

Problem solved, after searching and contact hoverfly support i found a similar problem , i solved it using sol

private PoolingHttpClientConnectionManager getPoolingHttpClientConnectionManager() {
    SSLConnectionSocketFactory sslsocketFactory = null;
    try {
        sslsocketFactory = new SSLConnectionSocketFactory(SSLContext.getDefault(), new DefaultHostnameVerifier());
    } catch (NoSuchAlgorithmException e) {
        e.printStackTrace();
    }

    Registry<ConnectionSocketFactory> socketFactoryRegistry = RegistryBuilder.<ConnectionSocketFactory>create()
                                                                .register("https", sslsocketFactory)
                                                                .register("http", PlainConnectionSocketFactory.INSTANCE)
                                                                .build();

    PoolingHttpClientConnectionManager poolingConnectionManager = new PoolingHttpClientConnectionManager(socketFactoryRegistry); 
    poolingConnectionManager.setMaxTotal(1000);
    poolingConnectionManager.setDefaultMaxPerRoute(1000);
    // Used these settings instead of constructor parameters (long timeToLive, TimeUnit timeUnit)
    poolingConnectionManager.closeIdleConnections(30, TimeUnit.SECONDS);

    return poolingConnectionManager;
}

I hope Hoverfly takes care of all these troubles.

Related

Programmatically trust Hoverfly Java certificate

Amr Lotfy: Using Hoverfly-java to mock a web service in a unit test, and using HttpClient as the web client, found that the Hoverfly proxy settings are propagated correctly using Hoverfly, useSystemProperties()but I still get the TLS error: Unknown certificate

Check certificate validity against custom trust list in Java

usr-local-ΕΨΗΕΛΩΝ I have a document that is digitally signed using CAdES. I use the BouncyCastle API to get the instance of the X509Certificate[]signer , but let's assume the list contains one and one unique element. I need to confirm today that the certificat

Call AS400 Java application from RPGLE to trust .PFX certificate

username I've been working on it all day, just guessing what to do. Anyone who seems to know how this function works assumes that everyone else knows what they're talking about. They'll say things like using utility ABC to generate DEF, but assuming you know w

Programmatically trust Hoverfly Java certificate

Amr Lotfy: Using Hoverfly-java to mock a web service in a unit test, and using HttpClient as the web client, found that the Hoverfly proxy settings are propagated correctly using Hoverfly, useSystemProperties()but I still get the TLS error: Unknown certificate

Programmatically trust Hoverfly Java certificate

Amr Lotfy: Using Hoverfly-java to mock a web service in a unit test, and using HttpClient as the web client, found that the Hoverfly proxy settings are propagated correctly using Hoverfly, useSystemProperties()but I still get the TLS error: Unknown certificate

Check certificate validity against custom trust list in Java

usr-local-ΕΨΗΕΛΩΝ I have a document that is digitally signed using CAdES. I use the BouncyCastle API to get the instance of the X509Certificate[]signer , but let's assume the list contains one and one unique element. I need to confirm today that the certificat

Check certificate validity against custom trust list in Java

usr-local-ΕΨΗΕΛΩΝ I have a document that is digitally signed using CAdES. I use the BouncyCastle API to get the instance of the X509Certificate[]signer , but let's assume the list contains one and one unique element. I need to confirm today that the certificat

Call AS400 Java application from RPGLE to trust .PFX certificate

username I've been working on it all day, just guessing what to do. Anyone who seems to know how this function works assumes that everyone else knows what they're talking about. They'll say things like using utility ABC to generate DEF, but assuming you know w

Call AS400 Java application from RPGLE to trust .PFX certificate

username I've been working on it all day, just guessing what to do. Anyone who seems to know how this function works assumes that everyone else knows what they're talking about. They'll say things like using utility ABC to generate DEF, but assuming you know w

Java - Standard SSL certificate all trust codes fail

Mints 97 I think that almost every Java programmer who has experience with SSL certificate trust errors by now has used or at least encountered the following code: // Create a trust manager that does not validate certificate chains TrustManager[] trust

How to trust a certificate authority in Java?

and My application connects to an SSL web service, which uses a certificate to verify its identity. Recently this certificate has been changed and part of my application is failing because it is not signed by a trusted authority. The service recommends that to

Call AS400 Java application from RPGLE to trust .PFX certificate

username I've been working on it all day, just guessing what to do. Anyone who seems to know how this function works assumes that everyone else knows what they're talking about. They'll say things like using utility ABC to generate DEF, but assuming you know w

Programmatically trust Hoverfly Java certificate

Amr Lotfy: Using Hoverfly-java to mock a web service in a unit test, and using HttpClient as the web client, found that the Hoverfly proxy settings are propagated correctly using Hoverfly, useSystemProperties()but I still get the TLS error: Unknown certificate

Check certificate validity against custom trust list in Java

usr-local-ΕΨΗΕΛΩΝ I have a document that is digitally signed using CAdES. I use the BouncyCastle API to get the instance of the X509Certificate[]signer , but let's assume the list contains one and one unique element. I need to confirm today that the certificat

Check certificate validity against custom trust list in Java

usr-local-ΕΨΗΕΛΩΝ I have a document that is digitally signed using CAdES. I use the BouncyCastle API to get the instance of the X509Certificate[]signer , but let's assume the list contains one and one unique element. I need to confirm today that the certificat

Call AS400 Java application from RPGLE to trust .PFX certificate

username I've been working on it all day, just guessing what to do. Anyone who seems to know how this function works assumes that everyone else knows what they're talking about. They'll say things like using utility ABC to generate DEF, but assuming you know w

Call AS400 Java application from RPGLE to trust .PFX certificate

username I've been working on it all day, just guessing what to do. Anyone who seems to know how this function works assumes that everyone else knows what they're talking about. They'll say things like using utility ABC to generate DEF, but assuming you know w

Call AS400 Java application from RPGLE to trust .PFX certificate

username I've been working on it all day, just guessing what to do. Anyone who seems to know how this function works assumes that everyone else knows what they're talking about. They'll say things like using utility ABC to generate DEF, but assuming you know w

Call AS400 Java application from RPGLE to trust .PFX certificate

username I've been working on it all day, just guessing what to do. Anyone who seems to know how this function works assumes that everyone else knows what they're talking about. They'll say things like using utility ABC to generate DEF, but assuming you know w