diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/java/com/sap/cloud/sdk/cloudplatform/connectivity/ClientCertificateAuthenticationLocalTest.java b/cloudplatform/connectivity-apache-httpclient5/src/test/java/com/sap/cloud/sdk/cloudplatform/connectivity/ClientCertificateAuthenticationLocalTest.java index 868875770..d6a15226b 100644 --- a/cloudplatform/connectivity-apache-httpclient5/src/test/java/com/sap/cloud/sdk/cloudplatform/connectivity/ClientCertificateAuthenticationLocalTest.java +++ b/cloudplatform/connectivity-apache-httpclient5/src/test/java/com/sap/cloud/sdk/cloudplatform/connectivity/ClientCertificateAuthenticationLocalTest.java @@ -37,9 +37,14 @@ class ClientCertificateAuthenticationLocalTest { - private static final String CCA_PASSWORD = "cca-password"; - private static final String JKS_PATH = - "src/test/resources/" + ClientCertificateAuthenticationLocalTest.class.getSimpleName() + "/client-cert.pkcs12"; + private static final String JKS_PREFIX = + "src/test/resources/" + ClientCertificateAuthenticationLocalTest.class.getSimpleName(); + private static final String SERVER_TRUST_STORE = JKS_PREFIX + "/certs/truststore.jks"; + private static final String SERVER_TRUST_STORE_PASS = "changeit"; + private static final String SERVER_KEY_STORE = JKS_PREFIX + "/certs/server.jks"; + private static final String SERVER_KEY_STORE_PASS = "changeit"; + private static final String CLIENT_KEY_STORE = JKS_PREFIX + "/certs/client1.p12"; + private static final String CLIENT_KEY_STORE_PASS = "changeit"; @RegisterExtension static final WireMockExtension server = @@ -71,7 +76,7 @@ void testClientCorrectlyConfigured() .authenticationType(AuthenticationType.CLIENT_CERTIFICATE_AUTHENTICATION) .proxyType(ProxyType.INTERNET) .keyStore(getClientKeyStore()) - .keyStorePassword(CCA_PASSWORD) + .keyStorePassword(CLIENT_KEY_STORE_PASS) .trustAllCertificates() .build()); 
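Review bot: `JKS_PREFIX` is a misleading name for the first new constant: it holds the test-resource directory, and one of the three paths built from it, `CLIENT_KEY_STORE`, points at a PKCS12 file (`client1.p12`), not a JKS store. Naming it `CERTS_DIR` and defining it as `"src/test/resources/" + ClientCertificateAuthenticationLocalTest.class.getSimpleName() + "/certs"` would also remove the `/certs` segment repeated in every path. All three `*_PASS` constants hold `"changeit"`, so a comment above them would help readers who find credentials in source, for example `// Throwaway test fixtures generated as described in the resource README; never reuse these stores or passwords outside tests.`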
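Review bot: The destination built in `testClientCorrectlyConfigured()` still calls `.trustAllCertificates()`, so the test covers client-certificate authentication but never validates the server certificate, even though this commit adds a dedicated server key store. The README generates `server.jks` with `CN=localhost` and a matching SAN, which suggests the client could be given a trust store holding the server certificate. That would need an exported server certificate, which the README steps shown here do not produce. If trust-all is intentional, a comment such as `// server certificate is not validated here; this test covers client authentication only` would keep the pattern from being copied as a configuration example. The builder chain starts above the hunk.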
@@ -82,7 +87,7 @@ void testClientCorrectlyConfigured() assertThat(context.getUserToken()).isNotNull(); assertThat(context.getUserToken()).isInstanceOf(X500Principal.class); - assertThat(((X500Principal) context.getUserToken()).getName()).contains("CN=localhost"); + assertThat(((X500Principal) context.getUserToken()).getName()).contains("CN=client1"); // assert keystore methods have been used Mockito.verify(destination).getKeyStorePassword(); @@ -122,8 +127,11 @@ private static WireMockConfiguration buildWireMockConfiguration() .httpDisabled(true) .dynamicHttpsPort() .needClientAuth(true) - .trustStorePath(JKS_PATH) - .trustStorePassword(CCA_PASSWORD) + .keystorePath(SERVER_KEY_STORE) + .keystorePassword(SERVER_KEY_STORE_PASS) + .keyManagerPassword(SERVER_KEY_STORE_PASS) + .trustStorePath(SERVER_TRUST_STORE) + .trustStorePassword(SERVER_TRUST_STORE_PASS) .trustStoreType("JKS"); } @@ -134,7 +142,7 @@ private static KeyStore getClientKeyStore() NoSuchAlgorithmException { final KeyStore keyStore = KeyStore.getInstance("PKCS12"); - keyStore.load(new FileInputStream(JKS_PATH), CCA_PASSWORD.toCharArray()); + keyStore.load(new FileInputStream(CLIENT_KEY_STORE), CLIENT_KEY_STORE_PASS.toCharArray()); return keyStore; } } diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/README.md b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/README.md index 093d0bcf2..be94a58a2 100644 --- a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/README.md +++ b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/README.md 
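Review bot: `contains("CN=client1")` in the changed assertion is a substring match, so it would also accept a subject such as `CN=client10`. The README generates the certificate with `-dname "CN=client1"`, so the check can be exact: `assertThat(((X500Principal) context.getUserToken()).getName()).isEqualTo("CN=client1");`.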
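Review bot: In `buildWireMockConfiguration()` the trust store type is set with `.trustStoreType("JKS")`, but the new server key store relies on WireMock's default type. Adding `.keystoreType("JKS")` after `.keystorePath(SERVER_KEY_STORE)` would make the two symmetric and independent of that default. The trust store now holds only the `client1` certificate, yet nothing visible in this diff checks that a client presenting a different certificate is rejected. A negative test would confirm that `needClientAuth(true)` is actually enforced. The method starts above the hunk.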
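Review bot: The `FileInputStream` passed to `keyStore.load(...)` in `getClientKeyStore()` is never closed, so the file handle stays open until the garbage collector reclaims it. Wrapping the load in try-with-resources fixes this without new imports: `try( final FileInputStream in = new FileInputStream(CLIENT_KEY_STORE) ) { keyStore.load(in, CLIENT_KEY_STORE_PASS.toCharArray()); }`. The method signature and most of its throws clause are outside the hunk.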
@@ -5,18 +5,112 @@ The credential files are generated from command line. This process can be automa ## CREATE CLIENT CREDENTIALS -* Generate key pair - ```bash - openssl req -x509 -newkey rsa:2048 -utf8 -days 3650 -nodes -config client-cert.conf -keyout client-cert.key -out client-cert.crt +* Client keystore ``` + docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \ + keytool -genkeypair \ + -alias client1 \ + -keyalg RSA \ + -keysize 2048 \ + -validity 3650 \ + -storetype JKS \ + -keystore /certs/client1.jks \ + -storepass changeit \ + -keypass changeit \ + -dname "CN=client1" + ``` + +
(Windows) -* Generate _PKCS#12_ keystore - ```bash - openssl pkcs12 -export -inkey client-cert.key -in client-cert.crt -out client-cert.p12 -password "pass:cca-password" + ``` + docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -genkeypair -alias client1 -keyalg RSA -keysize 2048 -validity 3650 -storetype JKS -keystore /certs/client1.jks -storepass changeit -keypass changeit -dname "CN=client1" ``` -* Transform to JKS +
+ +* Export client certificate + ``` + docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \ + keytool -exportcert \ + -alias client1 \ + -keystore /certs/client1.jks \ + -storepass changeit \ + -file /certs/client1.cer + ``` + +
(Windows) + + ``` + docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -exportcert -alias client1 -keystore /certs/client1.jks -storepass changeit -file /certs/client1.cer + ``` - ```bash - keytool -importkeystore -deststorepass "cca-password" -destkeypass "cca-password" -srckeystore client-cert.p12 -srcstorepass "cca-password" -deststoretype pkcs12 -destkeystore client-cert.pkcs12 +
+ +* PKCS12 keystore for client + + ``` + docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \ + keytool -importkeystore \ + -srckeystore /certs/client1.jks \ + -srcstoretype JKS \ + -srcstorepass changeit \ + -destkeystore /certs/client1.p12 \ + -deststoretype PKCS12 \ + -deststorepass changeit \ + -destkeypass changeit ``` + +
(Windows) + + ``` + docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -importkeystore -srckeystore /certs/client1.jks -srcstoretype JKS -srcstorepass changeit -destkeystore /certs/client1.p12 -deststoretype PKCS12 -deststorepass changeit -destkeypass changeit + ``` + +
+ + +## CREATE SERVER CREDENTIALS + +* Server keystore. Run once + ``` + docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \ + keytool -genkeypair \ + -alias wiremock-server \ + -keyalg RSA \ + -keysize 2048 \ + -validity 3650 \ + -storetype JKS \ + -keystore /certs/server.jks \ + -storepass changeit \ + -keypass changeit \ + -dname "CN=localhost" \ + -ext SAN=dns:localhost,ip:127.0.0.1 + ``` + +
(Windows) + + ``` + docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -genkeypair -alias wiremock-server -keyalg RSA -keysize 2048 -validity 3650 -storetype JKS -keystore /certs/server.jks -storepass changeit -keypass changeit -dname "CN=localhost" -ext SAN=dns:localhost,ip:127.0.0.1 + ``` + +
+ +* Truststore for wiremock + + ``` + docker run --rm -v $(pwd)/certs:/certs eclipse-temurin:17-jre \ + keytool -importcert \ + -alias client1 \ + -file /certs/client1.cer \ + -keystore /certs/truststore.jks \ + -storepass changeit \ + -noprompt + ``` + +
(Windows) + + ``` + docker run --rm -v ${pwd}/certs:/certs eclipse-temurin:17-jre keytool -importcert -alias client1 -file /certs/client1.cer -keystore /certs/truststore.jks -storepass changeit -noprompt + ``` + +
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.cer b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.cer
new file mode 100644
index 000000000..2cc9b5a77
Binary files /dev/null and b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.cer differ
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.jks b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.jks
new file mode 100644
index 000000000..52d907c3a
Binary files /dev/null and b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.jks differ
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.p12 b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.p12
new file mode 100644
index 000000000..05c0b0ce5
Binary files /dev/null and b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/client1.p12 differ
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/server.jks b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/server.jks
new file mode 100644
index 000000000..b12c13292
Binary files /dev/null and b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/server.jks differ
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/truststore.jks b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/truststore.jks
new file mode 100644
index 000000000..2b3db829d
Binary files /dev/null and b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/certs/truststore.jks differ
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.conf b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.conf
deleted file mode 100644
index faf223201..000000000
--- a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.conf
+++ /dev/null
@@ -1,25 +0,0 @@
-[CA_default]
-copy_extensions = copy
-
-[req]
-default_bits = 4096
-prompt = no
-default_md = sha256
-distinguished_name = req_distinguished_name
-x509_extensions = v3_ca
-
-[req_distinguished_name]
-C = DE
-ST = Brandenburg
-O = Potsdam
-emailAddress = cloudsdk@sap.com
-CN = localhost
-
-[v3_ca]
-basicConstraints = CA:FALSE
-keyUsage = digitalSignature, keyEncipherment
-subjectAltName = @alternate_names
-
-[alternate_names]
-DNS.1 = localhost
-IP.1 = 127.0.0.1
\ No newline at end of file
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.crt b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.crt
deleted file mode 100644
index 8b313ee50..000000000
--- a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.crt
+++ /dev/null
@@ -1,22 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIDtzCCAp+gAwIBAgIUDfIuo9MZ6BTCuQAndYmYHMsnKrYwDQYJKoZIhvcNAQEL
-BQAwajELMAkGA1UEBhMCREUxFDASBgNVBAgMC0JyYW5kZW5idXJnMRAwDgYDVQQK
-DAdQb3RzZGFtMR8wHQYJKoZIhvcNAQkBFhBjbG91ZHNka0BzYXAuY29tMRIwEAYD
-VQQDDAlsb2NhbGhvc3QwHhcNMjQwMTEyMTAyOTMwWhcNMzQwMTA5MTAyOTMwWjBq
-MQswCQYDVQQGEwJERTEUMBIGA1UECAwLQnJhbmRlbmJ1cmcxEDAOBgNVBAoMB1Bv
-dHNkYW0xHzAdBgkqhkiG9w0BCQEWEGNsb3Vkc2RrQHNhcC5jb20xEjAQBgNVBAMM
-CWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALSd6Fz/
-ZfDA52fZBuB+kP0JT5b8HqcKMX/Smt7S5bi5DwFi/RhHoaD1o5td8HPIP+N6sm8s
-l/HiZhZmIleGabyOUiO1JnglHijElrJZrny6ZYJcrzMkOWGtM/8mUZRXzm6Ae8bP
-pib6Kza3qsIq5Br0yBo/XOClbE+BFilvoUGiBb78eIHH14OQGYMkXzbUWJOVTQ6q
-5tlfQP1yHm9txVvlMwD+qqS1LjNdj3L72vFrkZil2AHXA0pdWLWn13K8r0U6+RNT
-99mYEw/5BoaOZA0NRX3kFeCGJKDz92SEdzbPU2F4+dt8/Is3Xj397zku/OITWRtW
-oQTOgp4l01ev2TcCAwEAAaNVMFMwCQYDVR0TBAIwADALBgNVHQ8EBAMCBaAwGgYD
-VR0RBBMwEYIJbG9jYWxob3N0hwR/AAABMB0GA1UdDgQWBBQChuZYKEuGYQLWgSPS
-njRacT/rJjANBgkqhkiG9w0BAQsFAAOCAQEAXqiPPxWiNXw9stwC3PIwMbgHjmJG
-0gSy/OLOWihP8Fet4m2mhYiZ6E1vx1THjgl7+s1BYc4HE7GgXrvoSEKJsTUUVjCf
-u4xbN4YxBjxBSs0If0hOPrtOEln5ij6rKuTFh9+cskt4MYgy+XuP0iT7MOrk7jqp
-Jx6QdPbQEPTdmZ0XWlJz+qP+BQIl/lTcD7GoBS/tCYoyaljmfMMGaJ83HVlKfMpH
-ELWFT2Y4mSNFo1jOFt7lR+cWy9YJ9gerxEskHKYqIX0e4ELhSyovix4c7dUstszy
-RjVcfhNI8gsxAbkT+mYuIMl4zkTA1yUcmqEgBhxA9vIVD7kfL8S0bELBHA==
------END CERTIFICATE-----
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.key b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.key
deleted file mode 100644
index 250483648..000000000
--- a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.key
+++ /dev/null
@@ -1,28 +0,0 @@
------BEGIN PRIVATE KEY-----
-MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC0nehc/2XwwOdn
-2QbgfpD9CU+W/B6nCjF/0pre0uW4uQ8BYv0YR6Gg9aObXfBzyD/jerJvLJfx4mYW
-ZiJXhmm8jlIjtSZ4JR4oxJayWa58umWCXK8zJDlhrTP/JlGUV85ugHvGz6Ym+is2
-t6rCKuQa9MgaP1zgpWxPgRYpb6FBogW+/HiBx9eDkBmDJF821FiTlU0OqubZX0D9
-ch5vbcVb5TMA/qqktS4zXY9y+9rxa5GYpdgB1wNKXVi1p9dyvK9FOvkTU/fZmBMP
-+QaGjmQNDUV95BXghiSg8/dkhHc2z1NhePnbfPyLN149/e85LvziE1kbVqEEzoKe
-JdNXr9k3AgMBAAECggEADh8af8roKX6rmQ763qqGo4IK2v8zVlQRsrDAsxNCKsMt
-TSp0J2XSWUdbV1Zs6mCJvjtloBOYfaz51l596OH1emyWN3x+WX5tcTqNnbwtTEs2
-jI66lAENC3oDSruwPSzwUutwwgaSMxH0Nv79NtkrpH/m9UZm+Jl2cnDhTrQPo5Xp
-siezDaO1vhX1WyHXKvSZy04+k1idy38XcZTMQ3xquapc4QhkYB3hj8qbF63gZUiw
-Q7XhvETavKYCoVL5yC1RkNVZT5cCGzyQJePWvApQLB+ynr/aNjstjQhCcv74x0b3
-9Zs56UD5sTw3JwSlQmDGX72689qx/VO3OOEXJYzcoQKBgQDlzvpcifmzGLodGZcG
-RPSauvRoAb7osSSAOU3ANNaP10jOJG/qiG4d99c1wC0wGSRFeILAAUIU5xuq5k2X
-Sl5LfSSmwK8z1d2LfAXoEx91PlF9/MH5UncQIclHn+hsevu5eFwDkx1oKE5l9whB
-hlgzTGKCO1lbUPL499poDFa2hQKBgQDJM6+Da5OebqXZ/BPtY5jCcoGgBl4L8NQW
-EN668TbGGdcFXcsIbbN+qaFik8h37TU76xI8EQoW4YVDIGivHQXFmPpvpylglHto
-4RcPRNE+0rykNasoCrEqEcL+WAX4b3+0dgszNgsZLA64kLZQa5fMjn2+nVvn+YSU
-AwGs6TlziwKBgCx3bThEtl0yNqj0z6U16IKcFDifxdnulNp+vA2p665vgLXqlQEz
-nuMLlsfexJ+e7cbHd71BQREcWt0prO/OQwqmT1Y4yG3mPvUDbX0nXhnokgonwzzD
-+SfU8cZ7KZT8AwMzR9KlP7Zsvia6sw1CuoRKjnEWnMavliQYiVlCsfClAoGAQDXJ
-doR3aOFg9o83ANR/JNcMPTiq/N6PoLcjjb97Pn9ympjTOc5gsTSLd304ReWizot3
-l0nM0X6JW+HU5sW5WNU4XzeWwebA97iV9l589LKmVzV1eOLopUdj1m3bAez7cWkW
-q/I8Wn0v+YDdXg7oM/TpdlKbyQ1dXSsUds07c38CgYBfi2Zo2R2Sgfq6bQyCmzze
-740nqiBTPf7NuA9n2yESOFUkskaLcWb5o83iT71I2eUxZJCSelgXxVHtGK5y3PLu
-QWVWgN/qn6D3skuQNXEY5iAQ/C47Rq15ZUcWF2utzkAxrmgcSUjrj7xjsk5MG3RX
-mK1AS3XT0sLIpGuhSUNrOw==
------END PRIVATE KEY-----
diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.p12 b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.p12 deleted file mode 100644 index 2d27b25d6..000000000 Binary files a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.p12 and /dev/null differ diff --git a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.pkcs12 b/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.pkcs12 deleted file mode 100644 index 3b9e85b5a..000000000 Binary files a/cloudplatform/connectivity-apache-httpclient5/src/test/resources/ClientCertificateAuthenticationLocalTest/client-cert.pkcs12 and /dev/null differ diff --git a/dependency-bundles/bom/pom.xml b/dependency-bundles/bom/pom.xml index 86fd110e0..b5ffaffc1 100644 --- a/dependency-bundles/bom/pom.xml +++ b/dependency-bundles/bom/pom.xml @@ -48,8 +48,8 @@ 0.21.0 4.4.16 - 5.3.6 - 5.5.1 + 5.4 + 5.6 4.5.14 6.1.0 diff --git a/pom.xml b/pom.xml index f2370c732..acc8e22c7 100644 --- a/pom.xml +++ b/pom.xml @@ -103,7 +103,7 @@ 2.0.17 3.27.6 0.4.3 - 5.20.0 + 5.21.0 1.5.3 6.0.1 2.6 @@ -124,7 +124,7 @@ 2.2.0 3.13.2 12.1.2 - 1.18.2 + 1.18.3 2.5 1.20.0 1.11.0