Two-way SSL (client certificates) with Scalatest

less than 1 minute read

At work we recently added the option to authenticate machine to machine communication using client certificates (two-way ssl). While this was relatively easy to set up and access programatically from different programming languages, we ran into some difficulties getting our integration test up and running. We wanted to have a couple of tests to make sure the information from the certificate was correctly parsed and mapped to an internal client id, and how the system reacts to invalid certificates and a couple of other edge cases.

Since we use Scalatest for all our integration testing we just wanted to add the private keystore and the trust store to scalatest and be done with it. However, the standard fluent API provided by Scalatest doesn’t offer it (or we couldn’t find it). After some looking around we came to the following setup which works for us in our integration test suite:

Note that some of these classes are actually deprecated, and could be replaced with other relevant classes from the apache commons library used here.