You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@jmeter.apache.org by mi...@apache.org on 2014/10/19 18:29:29 UTC
svn commit: r1632953 - in /jmeter/trunk/xdocs: changes.xml
usermanual/component_reference.xml
Author: milamber
Date: Sun Oct 19 16:29:28 2014
New Revision: 1632953
URL: http://svn.apache.org/r1632953
Log:
Certificates does not conform to algorithm constraints: Adding a note to indicate how to remove of the Java installation these new security constraints
Bugzilla Id: 56357
Modified:
jmeter/trunk/xdocs/changes.xml
jmeter/trunk/xdocs/usermanual/component_reference.xml
Modified: jmeter/trunk/xdocs/changes.xml
URL: http://svn.apache.org/viewvc/jmeter/trunk/xdocs/changes.xml?rev=1632953&r1=1632952&r2=1632953&view=diff
==============================================================================
--- jmeter/trunk/xdocs/changes.xml (original)
+++ jmeter/trunk/xdocs/changes.xml Sun Oct 19 16:29:28 2014
@@ -175,6 +175,20 @@ This is a known Java bug, see Bug <a hre
A workaround is to use a Java 7 update 40 runtime which fixes this issue.
</li>
+<li>
+You may encounter the following error: <i>java.security.cert.CertificateException: Certificates does not conform to algorithm constraints</i>
+ if you run a HTTPS request on a web site with a SSL certificate (itself or one of SSL certificates in its chain of trust) with a signature
+ algorithm using MD2 (like md2WithRSAEncryption) or with a SSL certificate with a size lower than 1024 bits.
+This error is related to increased security in Java 7 version u16 (MD2) and version u40 (Certificate size lower than 1024 bits), and Java 8 too.
+<br></br>
+To allow you to perform your HTTPS request, you can downgrade the security of your Java installation by editing
+the Java <b>jdk.certpath.disabledAlgorithms</b> property. Remove the MD2 value or the constraint on size, depending on your case.
+<br></br>
+This property is in this file:
+<pre>JAVA_HOME/jre/lib/security/java.security</pre>
+See <bugzilla>56357</bugzilla> for details.
+</li>
+
</ul>
<!-- =================== Incompatible changes =================== -->
@@ -282,6 +296,7 @@ for details on configuring this componen
<li><bugzilla>56772</bugzilla> - Handle IE Conditional comments when parsing embedded resources</li>
<li><bugzilla>57026</bugzilla> - HTTP(S) Test Script Recorder : Better default settings. Contributed by Ubik Load Pack (support at ubikloadpack.com)</li>
<li><bugzilla>57107</bugzilla> - Patch proposal: Add DAV verbs to HTTP Sampler. Contributed by Philippe Jung (apache at famille-jung.fr)</li>
+<li><bugzilla>56357</bugzilla> - Certificates does not conform to algorithm constraints: Adding a note to indicate how to remove of the Java installation these new security constraints</li>
</ul>
<h3>Other samplers</h3>
Modified: jmeter/trunk/xdocs/usermanual/component_reference.xml
URL: http://svn.apache.org/viewvc/jmeter/trunk/xdocs/usermanual/component_reference.xml?rev=1632953&r1=1632952&r2=1632953&view=diff
==============================================================================
--- jmeter/trunk/xdocs/usermanual/component_reference.xml (original)
+++ jmeter/trunk/xdocs/usermanual/component_reference.xml Sun Oct 19 16:29:28 2014
@@ -454,6 +454,21 @@ httpclient4.retrycount=3
httpclient3.retrycount=3
</pre>
</p>
+<p>
+<b>Note: Certificates does not conform to algorithm constraints</b><br></br>
+You may encounter the following error: <i>java.security.cert.CertificateException: Certificates does not conform to algorithm constraints</i>
+ if you run a HTTPS request on a web site with a SSL certificate (itself or one of SSL certificates in its chain of trust) with a signature
+ algorithm using MD2 (like md2WithRSAEncryption) or with a SSL certificate with a size lower than 1024 bits.
+</p><p>
+This error is related to increased security in Java 7 version u16 (MD2) and version u40 (Certificate size lower than 1024 bits), and Java 8 too.
+</p><p>
+To allow you to perform your HTTPS request, you can downgrade the security of your Java installation by editing
+the Java <b>jdk.certpath.disabledAlgorithms</b> property. Remove the MD2 value or the constraint on size, depending on your case.
+</p><p>
+This property is in this file:
+<pre>JAVA_HOME/jre/lib/security/java.security</pre>
+See <bugzilla>56357</bugzilla> for details.
+</p>
<links>
<link href="test_plan.html#assertions">Assertion</link>
<link href="build-web-test-plan.html">Building a Web Test Plan</link>