hmcts · vineetkapoor-hmcts · Apr 14, 2026 · Apr 14, 2026
@@ -37,12 +37,14 @@ services:
     container_name: wiremock
     ports:
       - "8090:8080"
+      - "8443:8443"
     volumes:
       - ./src/test/resources/mappings:/home/wiremock/mappings
       - ./src/test/resources/files:/home/wiremock/__files
     command:
       - "--global-response-templating"
       - "--verbose"
+      - "--https-port=8443"
 
   app1:
     image: ${DOCKER_IMAGE:-service-cp-crime-hearing-results-document-subscription:local}

@@ -4,27 +4,36 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.http.client.SimpleClientHttpRequestFactory;
 import org.springframework.web.client.RestClient;
 
+import javax.net.ssl.HttpsURLConnection;
+import javax.net.ssl.SSLContext;
+import javax.net.ssl.TrustManager;
+import javax.net.ssl.X509TrustManager;
+import java.io.IOException;
+import java.net.HttpURLConnection;
+import java.security.KeyManagementException;
+import java.security.NoSuchAlgorithmException;
+import java.security.cert.X509Certificate;
 import java.util.UUID;
 
 import static org.assertj.core.api.Assertions.assertThat;
 
-/* This might seem a little odd ... testing the test framework but as well as being sure about what
-   endpoints we expose, it also services to document our mocked endpoints
- */
 @Slf4j
 class CallbackWiremockTest {
     private static final String CORRELATION_ID_KEY = "X-Correlation-Id";
 
     private RestClient restClient = RestClient.create();
+    private RestClient tlsRestClient = trustLocalhostRestClient();
     private String wireMockBaseUrl = "http://localhost:8090";
+    private String wireMockHttpsBaseUrl = "https://localhost:8443";
     private String callbackUrl = "/callback/notify";
 
     UUID correlationId = UUID.randomUUID();
 
     @Test
-    void callback() {
+    void mock_callback_client_should_respond_ok() {
         ResponseEntity<String> response = restClient
                 .post()
                 .uri(wireMockBaseUrl + callbackUrl)
@@ -34,4 +43,44 @@ void callback() {
         log.info("callback response:{}", response.getBody());
         assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
     }
+
+    @Test
+    void mock_https_callback_client_should_respond_ok() {
+        ResponseEntity<String> response = tlsRestClient
+                .post()
+                .uri(wireMockHttpsBaseUrl + callbackUrl)
+                .header(CORRELATION_ID_KEY, correlationId.toString())
+                .retrieve()
+                .toEntity(String.class);
+        log.info("callback response:{}", response.getBody());
+        assertThat(response.getStatusCode()).isEqualTo(HttpStatus.OK);
+    }
+
+    private static RestClient trustLocalhostRestClient() {
+        try {
+            SSLContext sslContext = SSLContext.getInstance("TLS");
+            sslContext.init(null, new TrustManager[]{new X509TrustManager() {
+                public void checkClientTrusted(X509Certificate[] chain, String authType) {}
+                public void checkServerTrusted(X509Certificate[] chain, String authType) {}
+                public X509Certificate[] getAcceptedIssuers() { return new X509Certificate[0]; }
+            }}, null);
+
+            SimpleClientHttpRequestFactory factory = new SimpleClientHttpRequestFactory() {
+                @Override
+                protected void prepareConnection(HttpURLConnection connection, String httpMethod) throws IOException {
+                    if (connection instanceof HttpsURLConnection httpsConnection) {
+                        httpsConnection.setSSLSocketFactory(sslContext.getSocketFactory());
+                        httpsConnection.setHostnameVerifier((hostname, session) -> "localhost".equals(hostname));
+                    }
+                    super.prepareConnection(connection, httpMethod);
+                }
+            };
+
+            return RestClient.builder()
+                    .requestFactory(factory)
+                    .build();
+        } catch (NoSuchAlgorithmException | KeyManagementException e) {
+            throw new RuntimeException("Failed to create trust-all SSL context", e);
+        }
+    }
 }