jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Felix Schumacher <felix.schumac...@internetallee.de>
Subject RE: Certificate error when trying to test a website with a SHA-512 self signed certificate
Date Wed, 20 Mar 2019 14:54:15 GMT


Am 20. März 2019 10:46:57 MEZ schrieb "João Lobinho Amaral" <Joao.l.Amaral@noesis.pt>:
>Thanks for the help guys.
>
>Installing JCE didn't help.
>
>Can't use that tool on Windows but here you go the details of the
>certificate:
>Signature Algorithm: RSASSA-PSS

https://bugs.java.com/bugdatabase/view_bug.do?bug_id=8146293

I think JDK 8 has not been updated to include a fix (yet?) 

So maybe you have a chance trying Java 11 or try another cert authority that uses signatures
Java 8 can handle. 

Regards, 
 Felix 

>Signature Hash Algoritm: sha512
>Valid from: ‎2 ‎October, ‎2018 8:30:30 AM
>Valid to: ‎2 ‎October, ‎2019 8:30:30 AM
>Public Key: RSA (1024 Bits)
>
>Please remember it's a self signed certificate. When I try to test a
>website that has a valid CA certificate it doesn't throw the error.
>
>Thank you
>
>-----Original Message-----
>From: Kiran Badi [mailto:kiranbadi@yahoo.com.INVALID] 
>Sent: 19 March, 2019 4:54 PM
>To: JMeter Users List <user@jmeter.apache.org>
>Subject: Re: Certificate error when trying to test a website with a
>SHA-512 self signed certificate
>
>try with simple httpclient get request outside of jmeter and see if you
>still get that error. 
>
>Are you able to get output for below call openssl s_client -showcerts
>-connect <server>:<port> 
>
>possible for you to paste that output.
>
>
>
>
> 
>
>On Tuesday, March 19, 2019, 12:47:35 PM EDT, Brian Wolfe
><wolfebrian2120@gmail.com> wrote:  
> 
>You might need to install JCE into your java. I think the sha512
>algorithm may be one of the restricted ones that aren't allowed to be
>in the standard install due to export restrictions.
>
>
>On Tue, Mar 19, 2019, 11:53 João Lobinho Amaral
><Joao.l.Amaral@noesis.pt>
>wrote:
>
>> Hello,
>>
>> I'm looking for help on this.
>>
>> When trying to test the load of a website with a SHA-512 self-signed 
>> certificate I receive this error:
>> Response code: Non HTTP response code: 
>> javax.net.ssl.SSLHandshakeException
>> Response message: Non HTTP response message:
>> java.security.cert.CertificateException: Certificates do not conform 
>> to algorithm constraints
>>
>>
>> I've already tried to comment out the values on 
>> \Java\jre1.8.0_201\lib\security\java.security to what is recommended
>here:
>>
>>
>https://stackoverflow.com/questions/14149545/java-security-cert-certif
>> icateexception-certificates-does-not-conform-to-algori
>>
>>
>> This doesn't help.
>>
>> java -version
>> java version "1.8.0_201"
>> Java(TM) SE Runtime Environment (build 1.8.0_201-b09) Java
>HotSpot(TM) 
>> 64-Bit Server VM (build 25.201-b09, mixed mode)
>>
>>
>> Any help here?
>>
>> Kind regards,
>> João
>>
>>  

---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
For additional commands, e-mail: user-help@jmeter.apache.org


Mime
View raw message