org.mockserver.configuration

Class Configuration

java.lang.Object

org.mockserver.configuration.Configuration

public class Configuration
extends Object

Author:

jamesdbloom

Constructor Summary

Constructors

Constructor and Description
Configuration()

Method Summary

Modifier and Type	Method and Description
Integer	actionHandlerThreadCount()
Configuration	actionHandlerThreadCount(Integer actionHandlerThreadCount) Number of threads for the action handler thread pool
void	addSslSubjectAlternativeNameDomains(String... additionalSubjectAlternativeNameDomains)
void	addSslSubjectAlternativeNameIps(String... additionalSubjectAlternativeNameIps)
void	addSubjectAlternativeName(String host)
Boolean	alwaysCloseSocketConnections()
Configuration	alwaysCloseSocketConnections(Boolean alwaysCloseSocketConnections) If true socket connections will always be closed after a response is returned, if false connection is only closed if request header indicate connection should be closed.
Boolean	attemptToProxyIfNoMatchingExpectation()
Configuration	attemptToProxyIfNoMatchingExpectation(Boolean attemptToProxyIfNoMatchingExpectation) If true (the default) when no matching expectation is found, and the host header of the request does not match MockServer's host, then MockServer attempts to proxy the request if that fails then a 404 is returned.
String	certificateAuthorityCertificate()
Configuration	certificateAuthorityCertificate(String certificateAuthorityCertificate) File system path or classpath location of custom X.509 Certificate for Certificate Authority for TLS, the certificate must be a X509 PEM file and must match the certificateAuthorityPrivateKey
String	certificateAuthorityPrivateKey()
Configuration	certificateAuthorityPrivateKey(String certificateAuthorityPrivateKey) File system path or classpath location of custom Private Key for Certificate Authority for TLS, the private key must be a PKCS#8 or PKCS#1 PEM file and must match the certificateAuthorityCertificate To convert a PKCS#1 (i.e.
void	clearSslSubjectAlternativeNameDomains()
void	clearSslSubjectAlternativeNameIps()
Integer	clientNioEventLoopThreadCount()
Configuration	clientNioEventLoopThreadCount(Integer clientNioEventLoopThreadCount) Client Netty worker thread pool size for handling requests and response.
static Configuration	configuration()
String	controlPlaneJWTAuthenticationExpectedAudience()
Configuration	controlPlaneJWTAuthenticationExpectedAudience(String controlPlaneJWTAuthenticationExpectedAudience) Audience claim (i.e.
String	controlPlaneJWTAuthenticationJWKSource()
Configuration	controlPlaneJWTAuthenticationJWKSource(String controlPlaneJWTAuthenticationJWKSource) JWK source used when JWT authentication is enabled for control plane requests
Map<String,String>	controlPlaneJWTAuthenticationMatchingClaims()
Configuration	controlPlaneJWTAuthenticationMatchingClaims(Map<String,String> controlPlaneJWTAuthenticationMatchingClaims) Matching claims expected when JWT authentication is enabled for control plane requests
Boolean	controlPlaneJWTAuthenticationRequired()
Configuration	controlPlaneJWTAuthenticationRequired(Boolean controlPlaneJWTAuthenticationRequired) Require JWT authentication for all control plane requests
Set<String>	controlPlaneJWTAuthenticationRequiredClaims()
Configuration	controlPlaneJWTAuthenticationRequiredClaims(Set<String> controlPlaneJWTAuthenticationRequiredClaims) Required claims that should exist (i.e.
String	controlPlanePrivateKeyPath()
Configuration	controlPlanePrivateKeyPath(String controlPlanePrivateKeyPath) File system path or classpath location of a fixed custom private key for control plane connections using mTLS for authentication.
String	controlPlaneTLSMutualAuthenticationCAChain()
Configuration	controlPlaneTLSMutualAuthenticationCAChain(String controlPlaneTLSMutualAuthenticationCAChain) File system path or classpath location of custom mTLS (TLS client authentication) X.509 Certificate Chain for control plane mTLS authentication
Boolean	controlPlaneTLSMutualAuthenticationRequired()
Configuration	controlPlaneTLSMutualAuthenticationRequired(Boolean controlPlaneTLSMutualAuthenticationRequired) Require mTLS (also called client authentication and two-way TLS) for all control plane requests
String	controlPlaneX509CertificatePath()
Configuration	controlPlaneX509CertificatePath(String controlPlaneX509CertificatePath) File system path or classpath location of a fixed custom X.509 Certificate for control plane connections using mTLS for authentication.
Boolean	corsAllowCredentials()
Configuration	corsAllowCredentials(Boolean corsAllowCredentials) The value used for CORS in the access-control-allow-credentials header.
String	corsAllowHeaders()
Configuration	corsAllowHeaders(String corsAllowHeaders) the value used for CORS in the access-control-allow-headers and access-control-expose-headers headers.
String	corsAllowMethods()
Configuration	corsAllowMethods(String corsAllowMethods) the value used for CORS in the access-control-allow-methods header.
String	corsAllowOrigin()
Configuration	corsAllowOrigin(String corsAllowOrigin) the value used for CORS in the access-control-allow-origin header.
Integer	corsMaxAgeInSeconds()
Configuration	corsMaxAgeInSeconds(Integer corsMaxAgeInSeconds) The value used for CORS in the access-control-max-age header.
Boolean	detailedMatchFailures()
Configuration	detailedMatchFailures(Boolean detailedMatchFailures) If true (the default) the log event recording that a request matcher did not match will include a detailed reason why each non-matching field did not match.
String	directoryToSaveDynamicSSLCertificate()
Configuration	directoryToSaveDynamicSSLCertificate(String directoryToSaveDynamicSSLCertificate) Directory used to save the dynamically generated Certificate Authority X.509 Certificate and Private Key.
Boolean	disableLogging()
Configuration	disableLogging(Boolean disableLogging) Disable all logging and processing of log events
Boolean	disableSystemOut()
Configuration	disableSystemOut(Boolean disableSystemOut) Disable printing log to system out for JVM, default is enabled
Boolean	dynamicallyCreateCertificateAuthorityCertificate()
Configuration	dynamicallyCreateCertificateAuthorityCertificate(Boolean dynamicallyCreateCertificateAuthorityCertificate) Enable dynamic creation of Certificate Authority X509 certificate and private key.
Boolean	enableCORSForAllResponses()
Configuration	enableCORSForAllResponses(Boolean enableCORSForAllResponses) Enable CORS for all responses from MockServer, including the REST API and expectation responses
Boolean	enableCORSForAPI()
Configuration	enableCORSForAPI(Boolean enableCORSForAPI) Enable CORS for MockServer REST API so that the API can be used for javascript running in browsers, such as selenium
InetSocketAddress	forwardHttpProxy()
Configuration	forwardHttpProxy(InetSocketAddress forwardHttpProxy) Use HTTP proxy (i.e.
InetSocketAddress	forwardHttpsProxy()
Configuration	forwardHttpsProxy(InetSocketAddress forwardHttpsProxy) Use HTTPS proxy (i.e.
String	forwardProxyAuthenticationPassword()
Configuration	forwardProxyAuthenticationPassword(String forwardProxyAuthenticationPassword) Password for proxy authentication when using HTTPS proxy (i.e.
String	forwardProxyAuthenticationUsername()
Configuration	forwardProxyAuthenticationUsername(String forwardProxyAuthenticationUsername) Username for proxy authentication when using HTTPS proxy (i.e.
String	forwardProxyCertificateChain()
Configuration	forwardProxyCertificateChain(String forwardProxyCertificateChain) File system path or classpath location of custom mTLS (TLS client authentication) X.509 Certificate Chain for Trusting (i.e.
String	forwardProxyPrivateKey()
Configuration	forwardProxyPrivateKey(String forwardProxyPrivateKey) File system path or classpath location of custom Private Key for proxied TLS connections out of MockServer, the private key must be a PKCS#8 or PKCS#1 PEM file
String	forwardProxyTLSCustomTrustX509Certificates()
Configuration	forwardProxyTLSCustomTrustX509Certificates(String forwardProxyTLSCustomTrustX509Certificates) File system path or classpath location of custom file for trusted X509 Certificate Authority roots for forwarded or proxied requests, the certificate chain must be a X509 PEM file.
ForwardProxyTLSX509CertificatesTrustManager	forwardProxyTLSX509CertificatesTrustManagerType()
Configuration	forwardProxyTLSX509CertificatesTrustManagerType(ForwardProxyTLSX509CertificatesTrustManager forwardProxyTLSX509CertificatesTrustManagerType) Configure trusted set of certificates for forwarded or proxied requests.
InetSocketAddress	forwardSocksProxy()
Configuration	forwardSocksProxy(InetSocketAddress forwardSocksProxy) Use SOCKS proxy for all outbound / forwarded requests, support TLS tunnelling of TCP connections
String	initializationClass()
Configuration	initializationClass(String initializationClass) The class (and package) used to initialize expectations in MockServer at startup, if set MockServer will load and call this class to initialize expectations when is starts.
String	initializationJsonPath()
Configuration	initializationJsonPath(String initializationJsonPath) The path to the json file used to initialize expectations in MockServer at startup, if set MockServer will load this file and initialise expectations for each item in the file when is starts.
Boolean	launchUIForLogLevelDebug()
Configuration	launchUIForLogLevelDebug(Boolean launchUIForLogLevelDebug) If true (the default) the ClientAndServer constructor will open the UI in the default browser when the log level is set to DEBUG.
String	livenessHttpGetPath()
Configuration	livenessHttpGetPath(String livenessHttpGetPath) Path to support HTTP GET requests for status response (also available on PUT /mockserver/status).
String	localBoundIP()
Configuration	localBoundIP(String localBoundIP) The local IP address to bind to for accepting new socket connections
org.slf4j.event.Level	logLevel()
Configuration	logLevel(org.slf4j.event.Level level) Override the default logging level of INFO
Configuration	logLevel(String level) Override the default logging level of INFO
Boolean	matchersFailFast()
Configuration	matchersFailFast(Boolean matchersFailFast) If true (the default) request matchers will fail on the first non-matching field, if false request matchers will compare all fields.
Integer	maxChunkSize()
Configuration	maxChunkSize(Integer maxChunkSize) Maximum size of HTTP chunks in request or responses
Integer	maxExpectations()
Configuration	maxExpectations(Integer maxExpectations) Maximum number of expectations stored in memory.
Long	maxFutureTimeoutInMillis()
Configuration	maxFutureTimeoutInMillis(Long maxFutureTimeoutInMillis) Maximum time allowed in milliseconds for any future to wait, for example when waiting for a response over a web socket callback.
Integer	maxHeaderSize()
Configuration	maxHeaderSize(Integer maxHeaderSize) Maximum size of HTTP request headers
Integer	maximumNumberOfRequestToReturnInVerificationFailure()
Configuration	maximumNumberOfRequestToReturnInVerificationFailure(Integer maximumNumberOfRequestToReturnInVerificationFailure) The maximum number of requests to return in verification failure result, if more expectations are found the failure result does not list them separately
Integer	maxInitialLineLength()
Configuration	maxInitialLineLength(Integer maxInitialLineLength) Maximum size of the first line of an HTTP request
Integer	maxLogEntries()
Configuration	maxLogEntries(Integer maxLogEntries) Maximum number of log entries stored in memory.
Long	maxSocketTimeoutInMillis()
Configuration	maxSocketTimeoutInMillis(Long maxSocketTimeoutInMillis) Maximum time in milliseconds allowed for a response from a socket
Integer	maxWebSocketExpectations()
Configuration	maxWebSocketExpectations(Integer maxWebSocketExpectations) Maximum number of remote (not the same JVM) method callbacks (i.e.
String	memoryUsageCsvDirectory()
Configuration	memoryUsageCsvDirectory(String memoryUsageCsvDirectory) Directory to output JVM memory usage metrics CSV files to when outputMemoryUsageCsv enabled
Boolean	metricsEnabled()
Configuration	metricsEnabled(Boolean metricsEnabled) Enable gathering of metrics, default is false
Integer	nioEventLoopThreadCount()
Configuration	nioEventLoopThreadCount(Integer nioEventLoopThreadCount) Netty worker thread pool size for handling requests and response.
Boolean	outputMemoryUsageCsv()
Configuration	outputMemoryUsageCsv(Boolean outputMemoryUsageCsv) Output JVM memory usage metrics to CSV file periodically called memoryUsage_<yyyy-MM-dd>.csv
String	persistedExpectationsPath()
Configuration	persistedExpectationsPath(String persistedExpectationsPath) The file path used to save persisted expectations as json, which is updated whenever the expectation state is updated (i.e.
Boolean	persistExpectations()
Configuration	persistExpectations(Boolean persistExpectations) Enable the persisting of expectations as json, which is updated whenever the expectation state is updated (i.e.
Boolean	preventCertificateDynamicUpdate()
Configuration	preventCertificateDynamicUpdate(Boolean preventCertificateDynamicUpdate) Prevent certificates from dynamically updating when domain list changes
String	privateKeyPath()
Configuration	privateKeyPath(String privateKeyPath) File system path or classpath location of a fixed custom private key for TLS connections into MockServer.
Boolean	proactivelyInitialiseTLS()
Configuration	proactivelyInitialiseTLS(Boolean proactivelyInitialiseTLS) Proactively initialise TLS during start to ensure that if dynamicallyCreateCertificateAuthorityCertificate is enabled the Certificate Authority X.509 Certificate and Private Key will be created during start up and not when the first TLS connection is received.
String	proxyAuthenticationPassword()
Configuration	proxyAuthenticationPassword(String proxyAuthenticationPassword) The required password for proxy authentication to MockServer
String	proxyAuthenticationRealm()
Configuration	proxyAuthenticationRealm(String proxyAuthenticationRealm) The authentication realm for proxy authentication to MockServer
String	proxyAuthenticationUsername()
Configuration	proxyAuthenticationUsername(String proxyAuthenticationUsername) The required username for proxy authentication to MockServer
boolean	rebuildServerTLSContext()
Configuration	rebuildServerTLSContext(boolean rebuildServerTLSContext)
boolean	rebuildTLSContext()
Configuration	rebuildTLSContext(boolean rebuildTLSContext)
int	ringBufferSize()
Long	socketConnectionTimeoutInMillis()
Configuration	socketConnectionTimeoutInMillis(Long socketConnectionTimeoutInMillis) Maximum time in milliseconds allowed to connect to a socket
String	sslCertificateDomainName()
Configuration	sslCertificateDomainName(String sslCertificateDomainName) The domain name for auto-generate TLS certificates
Set<String>	sslSubjectAlternativeNameDomains()
Configuration	sslSubjectAlternativeNameDomains(Set<String> sslSubjectAlternativeNameDomains) The Subject Alternative Name (SAN) domain names for auto-generate TLS certificates
Configuration	sslSubjectAlternativeNameDomains(String... sslSubjectAlternativeNameDomains) The Subject Alternative Name (SAN) domain names for auto-generate TLS certificates
Set<String>	sslSubjectAlternativeNameIps()
Configuration	sslSubjectAlternativeNameIps(Set<String> sslSubjectAlternativeNameIps) The Subject Alternative Name (SAN) IP addresses for auto-generate TLS certificates
Configuration	sslSubjectAlternativeNameIps(String... sslSubjectAlternativeNameIps) The Subject Alternative Name (SAN) IP addresses for auto-generate TLS certificates
String	tlsMutualAuthenticationCertificateChain()
Configuration	tlsMutualAuthenticationCertificateChain(String tlsMutualAuthenticationCertificateChain) File system path or classpath location of custom mTLS (TLS client authentication) X.509 Certificate Chain for trusting (i.e.
Boolean	tlsMutualAuthenticationRequired()
Configuration	tlsMutualAuthenticationRequired(Boolean tlsMutualAuthenticationRequired) Require mTLS (also called client authentication and two-way TLS) for all TLS connections / HTTPS requests to MockServer
Boolean	useSemicolonAsQueryParameterSeparator()
Configuration	useSemicolonAsQueryParameterSeparator(Boolean useSemicolonAsQueryParameterSeparator) If true semicolons are treated as a separator for a query parameter string, if false the semicolon is treated as a normal character that is part of a query parameter value.
Boolean	watchInitializationJson()
Configuration	watchInitializationJson(Boolean watchInitializationJson) If enabled the initialization json file will be watched for changes, any changes found will result in expectations being created, remove or updated by matching against their key.
Integer	webSocketClientEventLoopThreadCount()
Configuration	webSocketClientEventLoopThreadCount(Integer webSocketClientEventLoopThreadCount) Client Netty worker thread pool size for handling requests and response.
String	x509CertificatePath()
Configuration	x509CertificatePath(String x509CertificatePath) File system path or classpath location of a fixed custom X.509 Certificate for TLS connections into MockServer.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail

Configuration

public Configuration()

Method Detail

configuration

public static Configuration configuration()

logLevel

public org.slf4j.event.Level logLevel()

logLevel

public Configuration logLevel(org.slf4j.event.Level level)

Override the default logging level of INFO

Parameters:

level - the log level, which can be TRACE, DEBUG, INFO, WARN, ERROR, OFF, FINEST, FINE, INFO, WARNING, SEVERE

logLevel

public Configuration logLevel(String level)

Override the default logging level of INFO

Parameters:

level - the log level, which can be TRACE, DEBUG, INFO, WARN, ERROR, OFF, FINEST, FINE, INFO, WARNING, SEVERE

disableSystemOut

public Boolean disableSystemOut()

disableSystemOut

public Configuration disableSystemOut(Boolean disableSystemOut)

Disable printing log to system out for JVM, default is enabled

Parameters:

disableSystemOut - printing log to system out for JVM

disableLogging

public Boolean disableLogging()

disableLogging

public Configuration disableLogging(Boolean disableLogging)

Disable all logging and processing of log events

The default is false

Parameters:

disableLogging - disable all logging

detailedMatchFailures

public Boolean detailedMatchFailures()

detailedMatchFailures

public Configuration detailedMatchFailures(Boolean detailedMatchFailures)

If true (the default) the log event recording that a request matcher did not match will include a detailed reason why each non-matching field did not match.

Parameters:

detailedMatchFailures - enabled detailed match failure log events

launchUIForLogLevelDebug

public Boolean launchUIForLogLevelDebug()

launchUIForLogLevelDebug

public Configuration launchUIForLogLevelDebug(Boolean launchUIForLogLevelDebug)

If true (the default) the ClientAndServer constructor will open the UI in the default browser when the log level is set to DEBUG.

Parameters:

launchUIForLogLevelDebug - enabled ClientAndServer constructor launching UI when log level is DEBUG

metricsEnabled

public Boolean metricsEnabled()

metricsEnabled

public Configuration metricsEnabled(Boolean metricsEnabled)

Enable gathering of metrics, default is false

Parameters:

metricsEnabled - enable metrics

maxExpectations

public Integer maxExpectations()

maxExpectations

public Configuration maxExpectations(Integer maxExpectations)

Maximum number of expectations stored in memory. Expectations are stored in a circular queue so once this limit is reach the oldest and lowest priority expectations are overwritten

The default maximum depends on the available memory in the JVM with an upper limit of 5000

Parameters:

maxExpectations - maximum number of expectations to store

maxLogEntries

public Integer maxLogEntries()

maxLogEntries

public Configuration maxLogEntries(Integer maxLogEntries)

Maximum number of log entries stored in memory. Log entries are stored in a circular queue so once this limit is reach the oldest log entries are overwritten

The default maximum depends on the available memory in the JVM with an upper limit of 60000

Parameters:

maxLogEntries - maximum number of expectations to store

maxWebSocketExpectations

public Integer maxWebSocketExpectations()

maxWebSocketExpectations

public Configuration maxWebSocketExpectations(Integer maxWebSocketExpectations)

Maximum number of remote (not the same JVM) method callbacks (i.e. web sockets) registered for expectations. The web socket client registry entries are stored in a circular queue so once this limit is reach the oldest are overwritten.

The default is 1500

Parameters:

maxWebSocketExpectations - maximum number of method callbacks (i.e. web sockets) registered for expectations

outputMemoryUsageCsv

public Boolean outputMemoryUsageCsv()

outputMemoryUsageCsv

public Configuration outputMemoryUsageCsv(Boolean outputMemoryUsageCsv)

Output JVM memory usage metrics to CSV file periodically called memoryUsage_<yyyy-MM-dd>.csv

Parameters:

outputMemoryUsageCsv - output of JVM memory metrics

memoryUsageCsvDirectory

public String memoryUsageCsvDirectory()

memoryUsageCsvDirectory

public Configuration memoryUsageCsvDirectory(String memoryUsageCsvDirectory)

Directory to output JVM memory usage metrics CSV files to when outputMemoryUsageCsv enabled

Parameters:

memoryUsageCsvDirectory - directory to save JVM memory metrics CSV files

nioEventLoopThreadCount

public Integer nioEventLoopThreadCount()

nioEventLoopThreadCount

public Configuration nioEventLoopThreadCount(Integer nioEventLoopThreadCount)

Netty worker thread pool size for handling requests and response. These threads handle deserializing and serialising HTTP requests and responses and some other fast logic, long running tasks are done on the action handler thread pool.

Parameters:

nioEventLoopThreadCount - Netty worker thread pool size

actionHandlerThreadCount

public Integer actionHandlerThreadCount()

actionHandlerThreadCount

public Configuration actionHandlerThreadCount(Integer actionHandlerThreadCount)

Number of threads for the action handler thread pool

These threads are used for handling actions such as:

• serialising and writing expectation or proxied responses
• handling response delays in a non-blocking way (i.e. using a scheduler)
• executing class callbacks
• handling method / closure callbacks (using web sockets)

Default is maximum of 5 or available processors count

Parameters:

actionHandlerThreadCount - Netty worker thread pool size

clientNioEventLoopThreadCount

public Integer clientNioEventLoopThreadCount()

clientNioEventLoopThreadCount

public Configuration clientNioEventLoopThreadCount(Integer clientNioEventLoopThreadCount)

Client Netty worker thread pool size for handling requests and response. These threads handle deserializing and serialising HTTP requests and responses and some other fast logic.

Default is 5 threads

Parameters:

clientNioEventLoopThreadCount - Client Netty worker thread pool size

webSocketClientEventLoopThreadCount

public Integer webSocketClientEventLoopThreadCount()

webSocketClientEventLoopThreadCount

public Configuration webSocketClientEventLoopThreadCount(Integer webSocketClientEventLoopThreadCount)

Client Netty worker thread pool size for handling requests and response. These threads handle deserializing and serialising HTTP requests and responses and some other fast logic.

Default is 5 threads

Parameters:

webSocketClientEventLoopThreadCount - Client Netty worker thread pool size

maxFutureTimeoutInMillis

public Long maxFutureTimeoutInMillis()

maxFutureTimeoutInMillis

public Configuration maxFutureTimeoutInMillis(Long maxFutureTimeoutInMillis)

Maximum time allowed in milliseconds for any future to wait, for example when waiting for a response over a web socket callback.

Default is 60,000 ms

Parameters:

maxFutureTimeoutInMillis - maximum time allowed in milliseconds

matchersFailFast

public Boolean matchersFailFast()

matchersFailFast

public Configuration matchersFailFast(Boolean matchersFailFast)

If true (the default) request matchers will fail on the first non-matching field, if false request matchers will compare all fields. This is useful to see all mismatching fields in the log event recording that a request matcher did not match.

Parameters:

matchersFailFast - enabled request matchers failing fast

maxSocketTimeoutInMillis

public Long maxSocketTimeoutInMillis()

maxSocketTimeoutInMillis

public Configuration maxSocketTimeoutInMillis(Long maxSocketTimeoutInMillis)

Maximum time in milliseconds allowed for a response from a socket

Default is 20,000 ms

Parameters:

maxSocketTimeoutInMillis - maximum time in milliseconds allowed

socketConnectionTimeoutInMillis

public Long socketConnectionTimeoutInMillis()

socketConnectionTimeoutInMillis

public Configuration socketConnectionTimeoutInMillis(Long socketConnectionTimeoutInMillis)

Maximum time in milliseconds allowed to connect to a socket

Default is 20,000 ms

Parameters:

socketConnectionTimeoutInMillis - maximum time allowed in milliseconds

alwaysCloseSocketConnections

public Boolean alwaysCloseSocketConnections()

alwaysCloseSocketConnections

public Configuration alwaysCloseSocketConnections(Boolean alwaysCloseSocketConnections)

If true socket connections will always be closed after a response is returned, if false connection is only closed if request header indicate connection should be closed.

Default is false

Parameters:

alwaysCloseSocketConnections - true socket connections will always be closed after a response is returned

localBoundIP

public String localBoundIP()

localBoundIP

public Configuration localBoundIP(String localBoundIP)

The local IP address to bind to for accepting new socket connections

Default is 0.0.0.0

Parameters:

localBoundIP - local IP address to bind to for accepting new socket connections

maxInitialLineLength

public Integer maxInitialLineLength()

maxInitialLineLength

public Configuration maxInitialLineLength(Integer maxInitialLineLength)

Maximum size of the first line of an HTTP request

The default is Integer.MAX_VALUE

Parameters:

maxInitialLineLength - maximum size of the first line of an HTTP request

maxHeaderSize

public Integer maxHeaderSize()

maxHeaderSize

public Configuration maxHeaderSize(Integer maxHeaderSize)

Maximum size of HTTP request headers

The default is Integer.MAX_VALUE

Parameters:

maxHeaderSize - maximum size of HTTP request headers

maxChunkSize

public Integer maxChunkSize()

maxChunkSize

public Configuration maxChunkSize(Integer maxChunkSize)

Maximum size of HTTP chunks in request or responses

The default is Integer.MAX_VALUE

Parameters:

maxChunkSize - maximum size of HTTP chunks in request or responses

useSemicolonAsQueryParameterSeparator

public Boolean useSemicolonAsQueryParameterSeparator()

useSemicolonAsQueryParameterSeparator

public Configuration useSemicolonAsQueryParameterSeparator(Boolean useSemicolonAsQueryParameterSeparator)

If true semicolons are treated as a separator for a query parameter string, if false the semicolon is treated as a normal character that is part of a query parameter value.

The default is true

Parameters:

useSemicolonAsQueryParameterSeparator - true semicolons are treated as a separator for a query parameter string

enableCORSForAPI

public Boolean enableCORSForAPI()

enableCORSForAPI

public Configuration enableCORSForAPI(Boolean enableCORSForAPI)

Enable CORS for MockServer REST API so that the API can be used for javascript running in browsers, such as selenium

The default is false

Parameters:

enableCORSForAPI - CORS for MockServer REST API

enableCORSForAllResponses

public Boolean enableCORSForAllResponses()

enableCORSForAllResponses

public Configuration enableCORSForAllResponses(Boolean enableCORSForAllResponses)

Enable CORS for all responses from MockServer, including the REST API and expectation responses

The default is false

Parameters:

enableCORSForAllResponses - CORS for all responses from MockServer

corsAllowOrigin

public String corsAllowOrigin()

corsAllowOrigin

public Configuration corsAllowOrigin(String corsAllowOrigin)

the value used for CORS in the access-control-allow-origin header.

The default is ""

Parameters:

corsAllowOrigin - the value used for CORS in the access-control-allow-methods header

corsAllowMethods

public String corsAllowMethods()

corsAllowMethods

public Configuration corsAllowMethods(String corsAllowMethods)

the value used for CORS in the access-control-allow-methods header.

The default is ""

Parameters:

corsAllowMethods - the value used for CORS in the access-control-allow-methods header

corsAllowHeaders

public String corsAllowHeaders()

corsAllowHeaders

public Configuration corsAllowHeaders(String corsAllowHeaders)

the value used for CORS in the access-control-allow-headers and access-control-expose-headers headers.

In addition to this default value any headers specified in the request header access-control-request-headers also get added to access-control-allow-headers and access-control-expose-headers headers in a CORS response.

The default is ""

Parameters:

corsAllowHeaders - the value used for CORS in the access-control-allow-headers and access-control-expose-headers headers

corsAllowCredentials

public Boolean corsAllowCredentials()

corsAllowCredentials

public Configuration corsAllowCredentials(Boolean corsAllowCredentials)

The value used for CORS in the access-control-allow-credentials header.

The default is false

Parameters:

corsAllowCredentials - the value used for CORS in the access-control-allow-credentials header

corsMaxAgeInSeconds

public Integer corsMaxAgeInSeconds()

corsMaxAgeInSeconds

public Configuration corsMaxAgeInSeconds(Integer corsMaxAgeInSeconds)

The value used for CORS in the access-control-max-age header.

The default is 0

Parameters:

corsMaxAgeInSeconds - the value used for CORS in the access-control-max-age header.

initializationClass

public String initializationClass()

initializationClass

public Configuration initializationClass(String initializationClass)

The class (and package) used to initialize expectations in MockServer at startup, if set MockServer will load and call this class to initialize expectations when is starts.

The default is null

Parameters:

initializationClass - class (and package) used to initialize expectations in MockServer at startup

initializationJsonPath

public String initializationJsonPath()

initializationJsonPath

public Configuration initializationJsonPath(String initializationJsonPath)

The path to the json file used to initialize expectations in MockServer at startup, if set MockServer will load this file and initialise expectations for each item in the file when is starts.

The expected format of the file is a JSON array of expectations, as per the REST API format

Parameters:

initializationJsonPath - path to the json file used to initialize expectations in MockServer at startup

watchInitializationJson

public Boolean watchInitializationJson()

watchInitializationJson

public Configuration watchInitializationJson(Boolean watchInitializationJson)

If enabled the initialization json file will be watched for changes, any changes found will result in expectations being created, remove or updated by matching against their key.

If duplicate keys exist only the last duplicate key in the file will be processed and all duplicates except the last duplicate will be removed.

The order of expectations in the file is the order in which they are created if they are new, however, re-ordering existing expectations does not change the order they are matched against incoming requests.

The default is false

Parameters:

watchInitializationJson - if enabled the initialization json file will be watched for changes

persistExpectations

public Boolean persistExpectations()

persistExpectations

public Configuration persistExpectations(Boolean persistExpectations)

Enable the persisting of expectations as json, which is updated whenever the expectation state is updated (i.e. add, clear, expires, etc.)

The default is false

Parameters:

persistExpectations - the persisting of expectations as json

persistedExpectationsPath

public String persistedExpectationsPath()

persistedExpectationsPath

public Configuration persistedExpectationsPath(String persistedExpectationsPath)

The file path used to save persisted expectations as json, which is updated whenever the expectation state is updated (i.e. add, clear, expires, etc.)

The default is "persistedExpectations.json"

Parameters:

persistedExpectationsPath - file path used to save persisted expectations as json

maximumNumberOfRequestToReturnInVerificationFailure

public Integer maximumNumberOfRequestToReturnInVerificationFailure()

maximumNumberOfRequestToReturnInVerificationFailure

public Configuration maximumNumberOfRequestToReturnInVerificationFailure(Integer maximumNumberOfRequestToReturnInVerificationFailure)

The maximum number of requests to return in verification failure result, if more expectations are found the failure result does not list them separately

Parameters:

maximumNumberOfRequestToReturnInVerificationFailure - maximum number of expectations to return in verification failure result

attemptToProxyIfNoMatchingExpectation

public Boolean attemptToProxyIfNoMatchingExpectation()

attemptToProxyIfNoMatchingExpectation

public Configuration attemptToProxyIfNoMatchingExpectation(Boolean attemptToProxyIfNoMatchingExpectation)

If true (the default) when no matching expectation is found, and the host header of the request does not match MockServer's host, then MockServer attempts to proxy the request if that fails then a 404 is returned. If false when no matching expectation is found, and MockServer is not being used as a proxy, then MockServer always returns a 404 immediately.

Parameters:

attemptToProxyIfNoMatchingExpectation - enables automatically attempted proxying of request that don't match an expectation and look like they should be proxied

forwardHttpProxy

public InetSocketAddress forwardHttpProxy()

forwardHttpProxy

public Configuration forwardHttpProxy(InetSocketAddress forwardHttpProxy)

Use HTTP proxy (i.e. via Host header) for all outbound / forwarded requests

The default is null

Parameters:

forwardHttpProxy - host and port for HTTP proxy (i.e. via Host header) for all outbound / forwarded requests

forwardHttpsProxy

public InetSocketAddress forwardHttpsProxy()

forwardHttpsProxy

public Configuration forwardHttpsProxy(InetSocketAddress forwardHttpsProxy)

Use HTTPS proxy (i.e. HTTP CONNECT) for all outbound / forwarded requests, supports TLS tunnelling of HTTPS requests

The default is null

Parameters:

forwardHttpsProxy - host and port for HTTPS proxy (i.e. HTTP CONNECT) for all outbound / forwarded requests

forwardSocksProxy

public InetSocketAddress forwardSocksProxy()

forwardSocksProxy

public Configuration forwardSocksProxy(InetSocketAddress forwardSocksProxy)

Use SOCKS proxy for all outbound / forwarded requests, support TLS tunnelling of TCP connections

The default is null

Parameters:

forwardSocksProxy - host and port for SOCKS proxy for all outbound / forwarded requests

forwardProxyAuthenticationUsername

public String forwardProxyAuthenticationUsername()

forwardProxyAuthenticationUsername

public Configuration forwardProxyAuthenticationUsername(String forwardProxyAuthenticationUsername)

Username for proxy authentication when using HTTPS proxy (i.e. HTTP CONNECT) for all outbound / forwarded requests

Note: 8u111 Update Release Notes state that the Basic authentication scheme has been deactivated when setting up an HTTPS tunnel. To resolve this clear or set to an empty string the following system properties: jdk.http.auth.tunneling.disabledSchemes and jdk.http.auth.proxying.disabledSchemes.

The default is null

Parameters:

forwardProxyAuthenticationUsername - username for proxy authentication

forwardProxyAuthenticationPassword

public String forwardProxyAuthenticationPassword()

forwardProxyAuthenticationPassword

public Configuration forwardProxyAuthenticationPassword(String forwardProxyAuthenticationPassword)

Password for proxy authentication when using HTTPS proxy (i.e. HTTP CONNECT) for all outbound / forwarded requests

Note: 8u111 Update Release Notes state that the Basic authentication scheme has been deactivated when setting up an HTTPS tunnel. To resolve this clear or set to an empty string the following system properties: jdk.http.auth.tunneling.disabledSchemes and jdk.http.auth.proxying.disabledSchemes.

The default is null

Parameters:

forwardProxyAuthenticationPassword - password for proxy authentication

proxyAuthenticationRealm

public String proxyAuthenticationRealm()

proxyAuthenticationRealm

public Configuration proxyAuthenticationRealm(String proxyAuthenticationRealm)

The authentication realm for proxy authentication to MockServer

Parameters:

proxyAuthenticationRealm - the authentication realm for proxy authentication

proxyAuthenticationUsername

public String proxyAuthenticationUsername()

proxyAuthenticationUsername

public Configuration proxyAuthenticationUsername(String proxyAuthenticationUsername)

The required username for proxy authentication to MockServer

Note: 8u111 Update Release Notes state that the Basic authentication scheme has been deactivated when setting up an HTTPS tunnel. To resolve this clear or set to an empty string the following system properties: jdk.http.auth.tunneling.disabledSchemes and jdk.http.auth.proxying.disabledSchemes.

The default is ""

Parameters:

proxyAuthenticationUsername - required username for proxy authentication to MockServer

proxyAuthenticationPassword

public String proxyAuthenticationPassword()

proxyAuthenticationPassword

public Configuration proxyAuthenticationPassword(String proxyAuthenticationPassword)

The required password for proxy authentication to MockServer

Note: 8u111 Update Release Notes state that the Basic authentication scheme has been deactivated when setting up an HTTPS tunnel. To resolve this clear or set to an empty string the following system properties: jdk.http.auth.tunneling.disabledSchemes and jdk.http.auth.proxying.disabledSchemes.

The default is ""

Parameters:

proxyAuthenticationPassword - required password for proxy authentication to MockServer

livenessHttpGetPath

public String livenessHttpGetPath()

livenessHttpGetPath

public Configuration livenessHttpGetPath(String livenessHttpGetPath)

Path to support HTTP GET requests for status response (also available on PUT /mockserver/status).

If this value is not modified then only PUT /mockserver/status but is a none blank value is provided for this value then GET requests to this path will return the 200 Ok status response showing the MockServer version and bound ports.

A GET request to this path will be matched before any expectation matching or proxying of requests.

The default is ""

Parameters:

livenessHttpGetPath - path to support HTTP GET requests for status response

controlPlaneTLSMutualAuthenticationRequired

public Boolean controlPlaneTLSMutualAuthenticationRequired()

controlPlaneTLSMutualAuthenticationRequired

public Configuration controlPlaneTLSMutualAuthenticationRequired(Boolean controlPlaneTLSMutualAuthenticationRequired)

Require mTLS (also called client authentication and two-way TLS) for all control plane requests

Parameters:

controlPlaneTLSMutualAuthenticationRequired - TLS mutual authentication for all control plane requests

controlPlaneTLSMutualAuthenticationCAChain

public String controlPlaneTLSMutualAuthenticationCAChain()

controlPlaneTLSMutualAuthenticationCAChain

public Configuration controlPlaneTLSMutualAuthenticationCAChain(String controlPlaneTLSMutualAuthenticationCAChain)

File system path or classpath location of custom mTLS (TLS client authentication) X.509 Certificate Chain for control plane mTLS authentication

The X.509 Certificate Chain is for trusting (i.e. signature verification of) Client X.509 Certificates, the certificate chain must be a X509 PEM file.

This certificate chain will be used for to performs mTLS (client authentication) for inbound TLS connections if controlPlaneTLSMutualAuthenticationRequired is enabled

Parameters:

controlPlaneTLSMutualAuthenticationCAChain - File system path or classpath location of custom mTLS (TLS client authentication) X.509 Certificate Chain for Trusting (i.e. signature verification of) Client X.509 Certificates

controlPlanePrivateKeyPath

public String controlPlanePrivateKeyPath()

controlPlanePrivateKeyPath

public Configuration controlPlanePrivateKeyPath(String controlPlanePrivateKeyPath)

File system path or classpath location of a fixed custom private key for control plane connections using mTLS for authentication.

The private key must be a PKCS#8 or PKCS#1 PEM file and must be the private key corresponding to the controlPlaneX509CertificatePath X509 (public key) configuration. The controlPlaneTLSMutualAuthenticationCAChain configuration must be the Certificate Authority for the corresponding X509 certificate (i.e. able to valid its signature).

To convert a PKCS#1 (i.e. default for Bouncy Castle) to a PKCS#8 the following command can be used: openssl pkcs8 -topk8 -inform PEM -in private_key_PKCS_1.pem -out private_key_PKCS_8.pem -nocrypt

This configuration will be ignored unless x509CertificatePath is also set.

Parameters:

controlPlanePrivateKeyPath - location of the PKCS#8 PEM file containing the private key

controlPlaneX509CertificatePath

public String controlPlaneX509CertificatePath()

controlPlaneX509CertificatePath

public Configuration controlPlaneX509CertificatePath(String controlPlaneX509CertificatePath)

File system path or classpath location of a fixed custom X.509 Certificate for control plane connections using mTLS for authentication.

The certificate must be a X509 PEM file and must be the public key corresponding to the controlPlanePrivateKeyPath private key configuration. The controlPlaneTLSMutualAuthenticationCAChain configuration must be the Certificate Authority for this certificate (i.e. able to valid its signature).

This configuration will be ignored unless privateKeyPath is also set.

Parameters:

controlPlaneX509CertificatePath - location of the PEM file containing the X509 certificate

controlPlaneJWTAuthenticationRequired

public Boolean controlPlaneJWTAuthenticationRequired()

controlPlaneJWTAuthenticationRequired

public Configuration controlPlaneJWTAuthenticationRequired(Boolean controlPlaneJWTAuthenticationRequired)

Require JWT authentication for all control plane requests

Parameters:

controlPlaneJWTAuthenticationRequired - TLS mutual authentication for all control plane requests

controlPlaneJWTAuthenticationJWKSource

public String controlPlaneJWTAuthenticationJWKSource()

controlPlaneJWTAuthenticationJWKSource

public Configuration controlPlaneJWTAuthenticationJWKSource(String controlPlaneJWTAuthenticationJWKSource)

JWK source used when JWT authentication is enabled for control plane requests

JWK source can be a file system path, classpath location or a URL

See: https://openid.net/specs/draft-jones-json-web-key-03.html

Parameters:

controlPlaneJWTAuthenticationJWKSource - file system path, classpath location or a URL of JWK source

controlPlaneJWTAuthenticationExpectedAudience

public String controlPlaneJWTAuthenticationExpectedAudience()

controlPlaneJWTAuthenticationExpectedAudience

public Configuration controlPlaneJWTAuthenticationExpectedAudience(String controlPlaneJWTAuthenticationExpectedAudience)

Audience claim (i.e. aud) required when JWT authentication is enabled for control plane requests

Parameters:

controlPlaneJWTAuthenticationExpectedAudience - required value for audience claim (i.e. aud)

controlPlaneJWTAuthenticationMatchingClaims

public Map<String,String> controlPlaneJWTAuthenticationMatchingClaims()

controlPlaneJWTAuthenticationMatchingClaims

public Configuration controlPlaneJWTAuthenticationMatchingClaims(Map<String,String> controlPlaneJWTAuthenticationMatchingClaims)

Matching claims expected when JWT authentication is enabled for control plane requests

Value should be string with comma separated key=value items, for example: scope=internal public,sub=some_subject

Parameters:

controlPlaneJWTAuthenticationMatchingClaims - required values for claims

controlPlaneJWTAuthenticationRequiredClaims

public Set<String> controlPlaneJWTAuthenticationRequiredClaims()

controlPlaneJWTAuthenticationRequiredClaims

public Configuration controlPlaneJWTAuthenticationRequiredClaims(Set<String> controlPlaneJWTAuthenticationRequiredClaims)

Required claims that should exist (i.e. with any value) when JWT authentication is enabled for control plane requests

Value should be string with comma separated values, for example: scope,sub

Parameters:

controlPlaneJWTAuthenticationRequiredClaims - required claims

proactivelyInitialiseTLS

public Boolean proactivelyInitialiseTLS()

proactivelyInitialiseTLS

public Configuration proactivelyInitialiseTLS(Boolean proactivelyInitialiseTLS)

Proactively initialise TLS during start to ensure that if dynamicallyCreateCertificateAuthorityCertificate is enabled the Certificate Authority X.509 Certificate and Private Key will be created during start up and not when the first TLS connection is received.

This setting will also ensure any configured private key and X.509 will be loaded during start up and not when the first TLS connection is received to give immediate feedback on any related TLS configuration errors.

Parameters:

proactivelyInitialiseTLS - proactively initialise TLS at startup

rebuildTLSContext

public boolean rebuildTLSContext()

rebuildTLSContext

public Configuration rebuildTLSContext(boolean rebuildTLSContext)

rebuildServerTLSContext

public boolean rebuildServerTLSContext()

rebuildServerTLSContext

public Configuration rebuildServerTLSContext(boolean rebuildServerTLSContext)

dynamicallyCreateCertificateAuthorityCertificate

public Boolean dynamicallyCreateCertificateAuthorityCertificate()

dynamicallyCreateCertificateAuthorityCertificate

public Configuration dynamicallyCreateCertificateAuthorityCertificate(Boolean dynamicallyCreateCertificateAuthorityCertificate)

Enable dynamic creation of Certificate Authority X509 certificate and private key.

Enable this property to increase the security of trusting the MockServer Certificate Authority X509 by ensuring a local dynamic value is used instead of the public value in the MockServer git repo.

These PEM files will be created and saved in the directory specified with configuration property directoryToSaveDynamicSSLCertificate.

Parameters:

dynamicallyCreateCertificateAuthorityCertificate - dynamic creation of Certificate Authority X509 certificate and private key.

directoryToSaveDynamicSSLCertificate

public String directoryToSaveDynamicSSLCertificate()

directoryToSaveDynamicSSLCertificate

public Configuration directoryToSaveDynamicSSLCertificate(String directoryToSaveDynamicSSLCertificate)

Directory used to save the dynamically generated Certificate Authority X.509 Certificate and Private Key.

Parameters:

directoryToSaveDynamicSSLCertificate - directory to save Certificate Authority X.509 Certificate and Private Key

preventCertificateDynamicUpdate

public Boolean preventCertificateDynamicUpdate()

preventCertificateDynamicUpdate

public Configuration preventCertificateDynamicUpdate(Boolean preventCertificateDynamicUpdate)

Prevent certificates from dynamically updating when domain list changes

Parameters:

preventCertificateDynamicUpdate - prevent certificates from dynamically updating when domain list changes

sslCertificateDomainName

public String sslCertificateDomainName()

sslCertificateDomainName

public Configuration sslCertificateDomainName(String sslCertificateDomainName)

The domain name for auto-generate TLS certificates

The default is "localhost"

Parameters:

sslCertificateDomainName - domain name for auto-generate TLS certificates

sslSubjectAlternativeNameDomains

public Set<String> sslSubjectAlternativeNameDomains()

sslSubjectAlternativeNameDomains

public Configuration sslSubjectAlternativeNameDomains(String... sslSubjectAlternativeNameDomains)

The Subject Alternative Name (SAN) domain names for auto-generate TLS certificates

The default is "localhost"

Parameters:

sslSubjectAlternativeNameDomains - Subject Alternative Name (SAN) domain names for auto-generate TLS certificates

sslSubjectAlternativeNameDomains

public Configuration sslSubjectAlternativeNameDomains(Set<String> sslSubjectAlternativeNameDomains)

The Subject Alternative Name (SAN) domain names for auto-generate TLS certificates

The default is "localhost"

Parameters:

sslSubjectAlternativeNameDomains - Subject Alternative Name (SAN) domain names for auto-generate TLS certificates

sslSubjectAlternativeNameIps

public Set<String> sslSubjectAlternativeNameIps()

sslSubjectAlternativeNameIps

public Configuration sslSubjectAlternativeNameIps(String... sslSubjectAlternativeNameIps)

The Subject Alternative Name (SAN) IP addresses for auto-generate TLS certificates

The default is 127.0.0.1, 0.0.0.0

Parameters:

sslSubjectAlternativeNameIps - Subject Alternative Name (SAN) IP addresses for auto-generate TLS certificates

sslSubjectAlternativeNameIps

public Configuration sslSubjectAlternativeNameIps(Set<String> sslSubjectAlternativeNameIps)

The Subject Alternative Name (SAN) IP addresses for auto-generate TLS certificates

The default is 127.0.0.1, 0.0.0.0

Parameters:

sslSubjectAlternativeNameIps - Subject Alternative Name (SAN) IP addresses for auto-generate TLS certificates

certificateAuthorityPrivateKey

public String certificateAuthorityPrivateKey()

certificateAuthorityPrivateKey

public Configuration certificateAuthorityPrivateKey(String certificateAuthorityPrivateKey)

File system path or classpath location of custom Private Key for Certificate Authority for TLS, the private key must be a PKCS#8 or PKCS#1 PEM file and must match the certificateAuthorityCertificate To convert a PKCS#1 (i.e. default for Bouncy Castle) to a PKCS#8 the following command can be used: openssl pkcs8 -topk8 -inform PEM -in private_key_PKCS_1.pem -out private_key_PKCS_8.pem -nocrypt

Parameters:

certificateAuthorityPrivateKey - location of the PEM file containing the certificate authority private key

certificateAuthorityCertificate

public String certificateAuthorityCertificate()

certificateAuthorityCertificate

public Configuration certificateAuthorityCertificate(String certificateAuthorityCertificate)

File system path or classpath location of custom X.509 Certificate for Certificate Authority for TLS, the certificate must be a X509 PEM file and must match the certificateAuthorityPrivateKey

Parameters:

certificateAuthorityCertificate - location of the PEM file containing the certificate authority X509 certificate

privateKeyPath

public String privateKeyPath()

privateKeyPath

public Configuration privateKeyPath(String privateKeyPath)

File system path or classpath location of a fixed custom private key for TLS connections into MockServer.

The private key must be a PKCS#8 or PKCS#1 PEM file and must be the private key corresponding to the x509CertificatePath X509 (public key) configuration. The certificateAuthorityCertificate configuration must be the Certificate Authority for the corresponding X509 certificate (i.e. able to valid its signature), see: x509CertificatePath.

To convert a PKCS#1 (i.e. default for Bouncy Castle) to a PKCS#8 the following command can be used: openssl pkcs8 -topk8 -inform PEM -in private_key_PKCS_1.pem -out private_key_PKCS_8.pem -nocrypt

This configuration will be ignored unless x509CertificatePath is also set.

Parameters:

privateKeyPath - location of the PKCS#8 PEM file containing the private key

x509CertificatePath

public String x509CertificatePath()

x509CertificatePath

public Configuration x509CertificatePath(String x509CertificatePath)

File system path or classpath location of a fixed custom X.509 Certificate for TLS connections into MockServer.

The certificate must be a X509 PEM file and must be the public key corresponding to the privateKeyPath private key configuration. The certificateAuthorityCertificate configuration must be the Certificate Authority for this certificate (i.e. able to valid its signature).

This configuration will be ignored unless privateKeyPath is also set.

Parameters:

x509CertificatePath - location of the PEM file containing the X509 certificate

tlsMutualAuthenticationRequired

public Boolean tlsMutualAuthenticationRequired()

tlsMutualAuthenticationRequired

public Configuration tlsMutualAuthenticationRequired(Boolean tlsMutualAuthenticationRequired)

Require mTLS (also called client authentication and two-way TLS) for all TLS connections / HTTPS requests to MockServer

Parameters:

tlsMutualAuthenticationRequired - TLS mutual authentication

tlsMutualAuthenticationCertificateChain

public String tlsMutualAuthenticationCertificateChain()

tlsMutualAuthenticationCertificateChain

public Configuration tlsMutualAuthenticationCertificateChain(String tlsMutualAuthenticationCertificateChain)

File system path or classpath location of custom mTLS (TLS client authentication) X.509 Certificate Chain for trusting (i.e. signature verification of) Client X.509 Certificates, the certificate chain must be a X509 PEM file.

This certificate chain will be used if MockServer performs mTLS (client authentication) for inbound TLS connections because tlsMutualAuthenticationRequired is enabled

Parameters:

tlsMutualAuthenticationCertificateChain - File system path or classpath location of custom mTLS (TLS client authentication) X.509 Certificate Chain for Trusting (i.e. signature verification of) Client X.509 Certificates

forwardProxyTLSX509CertificatesTrustManagerType

public ForwardProxyTLSX509CertificatesTrustManager forwardProxyTLSX509CertificatesTrustManagerType()

forwardProxyTLSX509CertificatesTrustManagerType

public Configuration forwardProxyTLSX509CertificatesTrustManagerType(ForwardProxyTLSX509CertificatesTrustManager forwardProxyTLSX509CertificatesTrustManagerType)

Configure trusted set of certificates for forwarded or proxied requests.

MockServer will only be able to establish a TLS connection to endpoints that have a trusted X509 certificate according to the trust manager type, as follows:

ALL - Insecure will trust all X509 certificates and not perform host name verification. JVM - Will trust all X509 certificates trust by the JVM. CUSTOM - Will trust all X509 certificates specified in forwardProxyTLSCustomTrustX509Certificates configuration value.

Parameters:

forwardProxyTLSX509CertificatesTrustManagerType - trusted set of certificates for forwarded or proxied requests, allowed values: ALL, JVM, CUSTOM.

forwardProxyTLSCustomTrustX509Certificates

public String forwardProxyTLSCustomTrustX509Certificates()

forwardProxyTLSCustomTrustX509Certificates

public Configuration forwardProxyTLSCustomTrustX509Certificates(String forwardProxyTLSCustomTrustX509Certificates)

File system path or classpath location of custom file for trusted X509 Certificate Authority roots for forwarded or proxied requests, the certificate chain must be a X509 PEM file.

MockServer will only be able to establish a TLS connection to endpoints that have an X509 certificate chain that is signed by one of the provided custom certificates, i.e. where a path can be established from the endpoints X509 certificate to one or more of the custom X509 certificates provided.

Parameters:

forwardProxyTLSCustomTrustX509Certificates - custom set of trusted X509 certificate authority roots for forwarded or proxied requests in PEM format.

forwardProxyPrivateKey

public String forwardProxyPrivateKey()

forwardProxyPrivateKey

public Configuration forwardProxyPrivateKey(String forwardProxyPrivateKey)

File system path or classpath location of custom Private Key for proxied TLS connections out of MockServer, the private key must be a PKCS#8 or PKCS#1 PEM file

To convert a PKCS#1 (i.e. default for Bouncy Castle) to a PKCS#8 the following command can be used: openssl pkcs8 -topk8 -inform PEM -in private_key_PKCS_1.pem -out private_key_PKCS_8.pem -nocrypt

This private key will be used if MockServer needs to perform mTLS (client authentication) for outbound TLS connections.

Parameters:

forwardProxyPrivateKey - location of the PEM file containing the private key

forwardProxyCertificateChain

public String forwardProxyCertificateChain()

forwardProxyCertificateChain

public Configuration forwardProxyCertificateChain(String forwardProxyCertificateChain)

File system path or classpath location of custom mTLS (TLS client authentication) X.509 Certificate Chain for Trusting (i.e. signature verification of) Client X.509 Certificates, the certificate chain must be a X509 PEM file.

This certificate chain will be used if MockServer needs to perform mTLS (client authentication) for outbound TLS connections.

Parameters:

forwardProxyCertificateChain - location of the PEM file containing the certificate chain

addSubjectAlternativeName

public void addSubjectAlternativeName(String host)

addSslSubjectAlternativeNameIps

public void addSslSubjectAlternativeNameIps(String... additionalSubjectAlternativeNameIps)

clearSslSubjectAlternativeNameIps

public void clearSslSubjectAlternativeNameIps()

addSslSubjectAlternativeNameDomains

public void addSslSubjectAlternativeNameDomains(String... additionalSubjectAlternativeNameDomains)

clearSslSubjectAlternativeNameDomains

public void clearSslSubjectAlternativeNameDomains()

ringBufferSize

public int ringBufferSize()