diff --git a/build-parent/pom.xml b/build-parent/pom.xml
index 62dea85311132..887efb2b3105e 100644
--- a/build-parent/pom.xml
+++ b/build-parent/pom.xml
@@ -660,6 +660,11 @@
+
+ io.smallrye.certs
+ smallrye-certificate-generator-maven-plugin
+ ${smallrye-certificate-generator.version}
+
diff --git a/integration-tests/oidc-mtls/pom.xml b/integration-tests/oidc-mtls/pom.xml
index 2edad5c91ad20..719118f28efca 100644
--- a/integration-tests/oidc-mtls/pom.xml
+++ b/integration-tests/oidc-mtls/pom.xml
@@ -27,7 +27,6 @@
io.quarkus
quarkus-tls-registry
-
io.quarkus
quarkus-junit5
@@ -88,6 +87,33 @@
+ io.smallrye.certs
+ smallrye-certificate-generator-maven-plugin
+
+
+ generate-test-resources
+
+ generate
+
+
+
+
+
+
+ oidc
+
+ PEM
+ PKCS12
+
+ password
+ backend-service
+ 2
+ true
+
+
+
+
+
maven-surefire-plugin
true
diff --git a/integration-tests/oidc-mtls/src/main/resources/application.properties b/integration-tests/oidc-mtls/src/main/resources/application.properties
index 69d52fd93aa24..939e259a700ac 100644
--- a/integration-tests/oidc-mtls/src/main/resources/application.properties
+++ b/integration-tests/oidc-mtls/src/main/resources/application.properties
@@ -1,11 +1,11 @@
quarkus.http.tls-configuration-name=oidc-mtls
-quarkus.tls.oidc-mtls.key-store.jks.path=server-keystore.jks
-quarkus.tls.oidc-mtls.key-store.jks.password=secret
-quarkus.tls.oidc-mtls.trust-store.jks.path=server-truststore.jks
-quarkus.tls.oidc-mtls.trust-store.jks.password=password
+quarkus.tls.oidc-mtls.key-store.p12.path=target/certificates/oidc-keystore.p12
+quarkus.tls.oidc-mtls.key-store.p12.password=password
+quarkus.tls.oidc-mtls.trust-store.p12.path=target/certificates/oidc-server-truststore.p12
+quarkus.tls.oidc-mtls.trust-store.p12.password=password
quarkus.http.auth.inclusive=true
quarkus.http.ssl.client-auth=REQUIRED
quarkus.http.insecure-requests=DISABLED
-quarkus.native.additional-build-args=-H:IncludeResources=.*\\.jks
+quarkus.native.additional-build-args=-H:IncludeResources=target/certificates/.*\\.p12
diff --git a/integration-tests/oidc-mtls/src/main/resources/server-keystore.jks b/integration-tests/oidc-mtls/src/main/resources/server-keystore.jks
deleted file mode 100644
index da33e8e7a1668..0000000000000
Binary files a/integration-tests/oidc-mtls/src/main/resources/server-keystore.jks and /dev/null differ
diff --git a/integration-tests/oidc-mtls/src/main/resources/server-truststore.jks b/integration-tests/oidc-mtls/src/main/resources/server-truststore.jks
deleted file mode 100644
index 8ec8e126507b6..0000000000000
Binary files a/integration-tests/oidc-mtls/src/main/resources/server-truststore.jks and /dev/null differ
diff --git a/integration-tests/oidc-mtls/src/test/java/io/quarkus/it/oidc/OidcMtlsTest.java b/integration-tests/oidc-mtls/src/test/java/io/quarkus/it/oidc/OidcMtlsTest.java
index ce4b2cd482cad..458c37b26b1ea 100644
--- a/integration-tests/oidc-mtls/src/test/java/io/quarkus/it/oidc/OidcMtlsTest.java
+++ b/integration-tests/oidc-mtls/src/test/java/io/quarkus/it/oidc/OidcMtlsTest.java
@@ -27,7 +27,7 @@
@QuarkusTest
public class OidcMtlsTest {
- @TestHTTPResource(ssl = true)
+ @TestHTTPResource(tls = true)
URL url;
KeycloakTestClient keycloakClient = new KeycloakTestClient();
@@ -46,7 +46,7 @@ public void testGetIdentityNames() throws Exception {
.indefinitely();
assertEquals(200, resp.statusCode());
String name = resp.bodyAsString();
- assertEquals("Identities: CN=client, alice", name);
+ assertEquals("Identities: CN=backend-service, alice", name);
// HTTP 401, invalid token
resp = webClient.get("/service/name")
@@ -63,18 +63,18 @@ private WebClientOptions createWebClientOptions() throws Exception {
WebClientOptions webClientOptions = new WebClientOptions().setDefaultHost(url.getHost())
.setDefaultPort(url.getPort()).setSsl(true).setVerifyHost(false);
- byte[] keyStoreData = getFileContent(Paths.get("client-keystore.jks"));
+ byte[] keyStoreData = getFileContent(Paths.get("target/certificates/oidc-client-keystore.p12"));
KeyStoreOptions keyStoreOptions = new KeyStoreOptions()
.setPassword("password")
.setValue(Buffer.buffer(keyStoreData))
- .setType("JKS");
+ .setType("PKCS12");
webClientOptions.setKeyCertOptions(keyStoreOptions);
- byte[] trustStoreData = getFileContent(Paths.get("client-truststore.jks"));
+ byte[] trustStoreData = getFileContent(Paths.get("target/certificates/oidc-client-truststore.p12"));
KeyStoreOptions trustStoreOptions = new KeyStoreOptions()
- .setPassword("secret")
+ .setPassword("password")
.setValue(Buffer.buffer(trustStoreData))
- .setType("JKS");
+ .setType("PKCS12");
webClientOptions.setTrustOptions(trustStoreOptions);
return webClientOptions;
diff --git a/integration-tests/oidc-mtls/src/test/resources/client-keystore.jks b/integration-tests/oidc-mtls/src/test/resources/client-keystore.jks
deleted file mode 100644
index cf6d6ba454864..0000000000000
Binary files a/integration-tests/oidc-mtls/src/test/resources/client-keystore.jks and /dev/null differ
diff --git a/integration-tests/oidc-mtls/src/test/resources/client-truststore.jks b/integration-tests/oidc-mtls/src/test/resources/client-truststore.jks
deleted file mode 100644
index da33e8e7a1668..0000000000000
Binary files a/integration-tests/oidc-mtls/src/test/resources/client-truststore.jks and /dev/null differ