On 10/04/06, Sonam Chauhan <[EMAIL PROTECTED]> wrote: > > > Can JMeter 2.2.1's SSL engine be set to ignore expired SSL certs? > > > > When JMeter 2.2.1 makes SSL requests to a webserver with an expired > SSL > > > certificates, all SSL connection attempts fail with a Java > > > CertificateExpiredException (see below). Having an unexpired SSL > > > certificate on the server fixes the problem. But, we use expired > certs > > > on our internal test servers -- hence this question. > > > JMeter only uses the facilities provided by JSSE. > > Perhaps there is a property one can set? Might be worth checking the > > Sun Java web-site. > > Thanks Sebb. > > I had a look at the Sun site, especially at this "Default Policy > Implementation and Policy File Syntax" document -- no clues there: > > http://java.sun.com/j2se/1.4.2/docs/guide/security/PolicyFiles.html > > > If you do find anything (or anyone else knows) please let us know, and > > it can be added to the documentation. > > I think there isn't an easy property one can set... otherwise Sun > certificate expiry notifications like this would list that as a > workaround? > http://sunsolve.sun.com/search/document.do?assetkey=1-26-57436-1 > > > > > Is there a way to bypass the CertificateExpiredException in JMeter? (eg: > trap the exception, and... umm,ah). > > This is a very handy option to have: another Java app (webMethods) we > use has a config option to ignore cert expiry, but it doesn't use JSSE. > > Should I create a Bugzilla entry?
Yes, good idea, easier to keep track of. > > Sonam > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
