CODEWITHSUNDEEP
spring-bootssljunitkeycloak
Julien
Julien

Reputation: 2756

unable to find valid certification path to requested target - Keycloak - Springboot - self-signed certificate - Tests

I have integration tests in my spring boot application and some tests need to get a token from Keycloak. Every communication is via SSL with a self-signed certificate.

When launching those tests I got that exception : 

SunCertPathBuilderException: unable to find valid certification path to requested target

The problem seem similar to Accept server's self-signed ssl certificate in Java client but this solution doesn't work for me.

This is where I get the token : 

private AccessTokenResponse getToken() throws GeneralSecurityException {        
        Keycloak keycloak = Keycloak.getInstance(keycloakAuthServerUrl, keycloakRealm, 
            login, password, keycloakResource, keycloakCredentialsSecret);
        return keycloak.tokenManager().getAccessToken();
    }

Upvotes: 1

Views: 5886

Answers (1)

Julien
Julien

Reputation: 2756

As suggested in Accept server's self-signed ssl certificate in Java client , create a custom trust manager : 

import javax.net.ssl.X509TrustManager;

public class TestTrustManager implements X509TrustManager {

        @Override
        public java.security.cert.X509Certificate[] getAcceptedIssuers() {
            return new java.security.cert.X509Certificate[0];
        }
        @Override
        public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
        @Override
        public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) {
        }
}

Then add it in the keycloak "constructor" :

private AccessTokenResponse getToken() throws GeneralSecurityException {
        // Install the all-trusting trust manager
        SSLContext sslContext = SSLContext.getInstance("SSL");
        sslContext.init(null, new TrustManager[] { new TestTrustManager() }, new java.security.SecureRandom());

        Keycloak keycloak = Keycloak.getInstance(keycloakAuthServerUrl, keycloakRealm, 
            login, password, keycloakResource, keycloakCredentialsSecret, sslContext); // <--- !!! ADD IT HERE !!!
        return keycloak.tokenManager().getAccessToken();
    }

Upvotes: 1

Related Questions