禁用JMeter SSL证书解析和验证

我正在尝试查询具有自签名证书的服务器上的HTTPS REST API。
我设置了一个HTTP请求并将其指向我的API。但是当我运行它时，我得到一个错误：

javax.net.ssl.SSLHandshakeException: Failed to parse server certificates
    at sun.security.ssl.Alert.createSSLException(Unknown Source)
    at sun.security.ssl.TransportContext.fatal(Unknown Source)
    at sun.security.ssl.TransportContext.fatal(Unknown Source)
    at sun.security.ssl.CertificateMessage$T12CertificateConsumer.onCertificate(Unknown Source)
    at sun.security.ssl.CertificateMessage$T12CertificateConsumer.consume(Unknown Source)
    at sun.security.ssl.SSLHandshake.consume(Unknown Source)
    at sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
    at sun.security.ssl.HandshakeContext.dispatch(Unknown Source)
    at sun.security.ssl.TransportContext.dispatch(Unknown Source)
    at sun.security.ssl.SSLTransport.decode(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.decode(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.readHandshakeRecord(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.createLayeredSocket(SSLConnectionSocketFactory.java:436)
    at org.apache.http.conn.ssl.SSLConnectionSocketFactory.connectSocket(SSLConnectionSocketFactory.java:384)
    at org.apache.jmeter.protocol.http.sampler.hc.LazyLayeredConnectionSocketFactory.connectSocket(LazyLayeredConnectionSocketFactory.java:91)
    at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:142)
    at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl$JMeterDefaultHttpClientConnectionOperator.connect(HTTPHC4Impl.java:404)
    at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
    at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
    at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
    at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
    at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
    at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
    at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
    at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
    at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.executeRequest(HTTPHC4Impl.java:935)
    at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:646)
    at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:66)
    at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1296)
    at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1285)
    at org.apache.jmeter.threads.JMeterThread.doSampling(JMeterThread.java:638)
    at org.apache.jmeter.threads.JMeterThread.executeSamplePackage(JMeterThread.java:558)
    at org.apache.jmeter.threads.JMeterThread.processSampler(JMeterThread.java:489)
    at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:256)
    at java.lang.Thread.run(Unknown Source)
Caused by: java.security.cert.CertificateParsingException: Empty issuer DN not allowed in X509Certificates
    at sun.security.x509.X509CertInfo.parse(Unknown Source)
    at sun.security.x509.X509CertInfo.<init>(Unknown Source)
    at sun.security.x509.X509CertImpl.parse(Unknown Source)
    at sun.security.x509.X509CertImpl.<init>(Unknown Source)
    at sun.security.provider.X509Factory.engineGenerateCertificate(Unknown Source)
    at java.security.cert.CertificateFactory.generateCertificate(Unknown Source)
    ... 34 more

字符串
如何禁用SSL证书解析和验证？
This question和this question都说JMeter不验证SSL证书。如果这是真的，那么我的服务器的X509证书显然是无效的这一事实就不会是一个问题。这些问题都是很老的问题了，所以可能不再是默认不验证的情况了
我尝试将此属性添加到我的jmeter.properties文件中，但没有任何区别：server.rmi.ssl.disable=true。这是在上面的一个类似问题中提出的（尽管我不确定为什么在RMI中禁用SSL与HTTP有任何关系。）

如何让JMeter完全忽略我的https API请求的无效自签名证书？

最新的JMeter（5.4.1）和Java 8u311。

根据质量标准：
颁发者字段标识已签署和颁发证书的实体。颁发者字段必须包含非空的可分辨名称（DN）
在RFC术语中，MUST实际上是MUST
必须这个词，或术语“必需”或“应”，意味着该定义是规范的绝对要求。
实际JMeter文档指出：
JMeter HTTP采样器被配置为接受所有证书，无论是否受信任，无论有效期如何等。这是为了在测试服务器时提供最大的灵活性。
所以我建议联系开发人员或系统管理员，请他们修复证书
如果由于某种原因不可能，您可以尝试在HTTP请求采样器中使用HTTP协议而不是HTTPS（或者更好的HTTP Request Defaults）

的数据
如果你的应用程序没有公开HTTP端点，你唯一能做的就是修补你的Java运行时并recompile它。

禁用JMeter SSL证书解析和验证

2条答案

相关问题

热门标签

最新问答