You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@jmeter.apache.org by "Pierre A. Damas" <pi...@damas.be> on 2005/03/24 13:34:39 UTC
HTTPS trustmanagers and hostnameVerifier not initialised properly in HTTPSampler
Hi,
I want to connect to a site where I know that the site name is different
than the name in the certificate (I know it is bad, but it is so ;-) )
My connection is refused by Java since the hostname verifier is not properly
set.
In fact, the JsseSSLManager properly initialises the context with an "Always
Trust" manager and an "Always accept" hostname verifier. So, I checked why
it was not used properly.
In HTTPSample manager, the code says:
conn= (HttpURLConnection) u.openConnection();
if ("https".equalsIgnoreCase(u.getProtocol()))
{
try
{
SSLManager.getInstance().setContext(conn);
}
...
Although it seems correct, it means that the connection is built BEFORE the
SSLManager is initialised and providing good default values.
The setContext only sets the factory.
I replaced it by the following code:
if ("https".equalsIgnoreCase(u.getProtocol()))
{
SSLManager sslManager = SSLManager.getInstance();
}
conn= (HttpURLConnection) u.openConnection();
if ("https".equalsIgnoreCase(u.getProtocol()))
{
try
{
sslManager.setContext(conn);
}
and it works correctly: the SSLManager is instanciated, the context is
initialised >before< creation of the connection.
Pierre A.
---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org