You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@jmeter.apache.org by bu...@apache.org on 2017/01/03 15:50:54 UTC
[Bug 60546] New: Bypass ssl certificate
https://bz.apache.org/bugzilla/show_bug.cgi?id=60546
Bug ID: 60546
Summary: Bypass ssl certificate
Product: JMeter
Version: 3.0
Hardware: PC
Status: NEW
Severity: normal
Priority: P2
Component: HTTP
Assignee: issues@jmeter.apache.org
Reporter: maran88@gmail.com
Target Milestone: ---
Hi!
I'm currently trying to test a web application and encountered a certificate
error.
According to the documentation all certificates should be accepted despite
validity, but in my case the certificate is valid for https://www.example.com
and I need to run tests for https://servername:port
In wget I get
ERROR: cannot verify servernames's certificate, issued by `xx':
Self-signed certificate encountered.
ERROR: certificate common name `example' doesn't match requested host name
`servername'.
To connect to localhost insecurely, use `--no-check-certificate'.
Unable to establish SSL connection.
Which works when bypassing with the --no-check-certificate option.
In jmeter i get the following error:
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException:
Certificates does not conform to algorithm constraints
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.Handshaker.fatalSE(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at sun.security.ssl.ClientHandshaker.processMessage(Unknown Source)
at sun.security.ssl.Handshaker.processLoop(Unknown Source)
at sun.security.ssl.Handshaker.process_record(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown
Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:553)
at
org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:412)
at
org.apache.jmeter.protocol.http.sampler.LazySchemeSocketFactory.connectSocket(LazySchemeSocketFactory.java:97)
at
org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:179)
at
org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:328)
at
org.apache.jmeter.protocol.http.sampler.MeasuringConnectionManager$MeasuredConnection.open(MeasuringConnectionManager.java:114)
at
org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:612)
at
org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:447)
at
org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:884)
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:82)
at
org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:55)
at
org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.executeRequest(HTTPHC4Impl.java:619)
at
org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:379)
at
org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:74)
at
org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1146)
at
org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1135)
at
org.apache.jmeter.threads.JMeterThread.executeSamplePackage(JMeterThread.java:465)
at
org.apache.jmeter.threads.JMeterThread.processSampler(JMeterThread.java:410)
at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:241)
at java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertificateException: Certificates does not
conform to algorithm constraints
at
sun.security.ssl.AbstractTrustManagerWrapper.checkAlgorithmConstraints(Unknown
Source)
at
sun.security.ssl.AbstractTrustManagerWrapper.checkAdditionalTrust(Unknown
Source)
at
sun.security.ssl.AbstractTrustManagerWrapper.checkServerTrusted(Unknown Source)
... 28 more
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 60546] Bypass ssl certificate
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60546
maran88@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|1 |0
Status|RESOLVED |UNCONFIRMED
Resolution|DUPLICATE |---
--- Comment #2 from maran88@gmail.com ---
This issue cannot be solved by the given workaround in ticket 56357. The issue
is a certificate name missmatch. I.e. localhost vs www.example.com and not an
issue with certificate algorithm or size.
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 60546] Bypass ssl certificate
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60546
Felix Schumacher <fe...@internetallee.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Resolution|--- |DUPLICATE
Status|NEW |RESOLVED
OS| |All
--- Comment #1 from Felix Schumacher <fe...@internetallee.de> ---
*** This bug has been marked as a duplicate of bug 56357 ***
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 60546] Bypass ssl certificate
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60546
juniorolalde55@gmail.com changed:
What |Removed |Added
----------------------------------------------------------------------------
Ever confirmed|0 |1
Status|UNCONFIRMED |NEW
--
You are receiving this mail because:
You are the assignee for the bug.
[Bug 60546] Bypass ssl certificate
Posted by bu...@apache.org.
https://bz.apache.org/bugzilla/show_bug.cgi?id=60546
Felix Schumacher <fe...@internetallee.de> changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |NEEDINFO
--- Comment #3 from Felix Schumacher <fe...@internetallee.de> ---
The stacktrace shown is the same as in the linked duplicate, so I believe that
you originally had two problems.
If the server has a different name in the certificate than the name, you are
using for lookup, you can try to use a DNS config element in newer JMeter
versions.
As this is a rather old issue, I tend to close it, if no one is arguing against
it.
--
You are receiving this mail because:
You are the assignee for the bug.