You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@jmeter.apache.org by "Pierre A. Damas" <pi...@damas.be> on 2005/03/24 13:34:39 UTC

HTTPS trustmanagers and hostnameVerifier not initialised properly in HTTPSampler

Hi,

I want to connect to a site where I know that the site name is different 
than the name in the certificate (I know it is bad, but it is so ;-) )

My connection is refused by Java since the hostname verifier is not properly 
set.

In fact, the JsseSSLManager properly initialises the context with an "Always 
Trust" manager and an "Always accept" hostname verifier.  So, I checked why 
it was not used properly.

In HTTPSample manager, the code says:

conn= (HttpURLConnection) u.openConnection();
if ("https".equalsIgnoreCase(u.getProtocol()))
{
   try
   {
   SSLManager.getInstance().setContext(conn);
   }
...

Although it seems correct, it means that the connection is built BEFORE the 
SSLManager is initialised and providing good default values.
The setContext only sets the factory.

I replaced it by the following code:

        if ("https".equalsIgnoreCase(u.getProtocol()))
        {
            SSLManager sslManager = SSLManager.getInstance();
        }

        conn= (HttpURLConnection) u.openConnection();

        if ("https".equalsIgnoreCase(u.getProtocol()))
        {
            try
            {
                sslManager.setContext(conn);
            }

and it works correctly: the SSLManager is instanciated, the context is 
initialised >before< creation of the connection.

Pierre A. 



---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org