javax.net.ssl.SSLException: hostname in certificate didn't match
2,561 views
Skip to first unread message
semb...@gmail.com
Jul 12, 2013, 8:36:09 AM7/12/13
to rest-a...@googlegroups.com
Hi,
I run REST tests on a Jenkins slave against an instance with a self-signed SSL certificate (foo.com). When I run the tests locally (on localhost), however, I get the following exception:
javax.net.ssl.SSLException: hostname in certificate didn't match: <localhost> != <*.foo.com>
I would like to turn off the certificate validation, do you know how can I disable it in REST assured?
I found a solution on StackOverflow (insecure, indeed, but it would be perfectly fine for my scenario), but I don't know if I can hook a custom HTTP client to REST assured somehow.
Thank you for your help.
I run REST tests on a Jenkins slave against an instance with a self-signed SSL certificate (foo.com). When I run the tests locally (on localhost), however, I get the following exception:
javax.net.ssl.SSLException: hostname in certificate didn't match: <localhost> != <*.foo.com>
I would like to turn off the certificate validation, do you know how can I disable it in REST assured?
I found a solution on StackOverflow (insecure, indeed, but it would be perfectly fine for my scenario), but I don't know if I can hook a custom HTTP client to REST assured somehow.
Thank you for your help.
Johan Haleby
Jul 12, 2013, 10:47:29 AM7/12/13
to rest-a...@googlegroups.com
You could try to add your own keystore provider and pass it in to the certificate authentication:
given().auth().certificate("file:///my/project/src/test/resources/soapui.p12", "password", "pkcs12", 8443, keystoreProvider)
Another example is to follow the guide here.
Regards,
/Johan
--
You received this message because you are subscribed to the Google Groups "REST assured" group.
To unsubscribe from this group and stop receiving emails from it, send an email to rest-assured...@googlegroups.com.
For more options, visit https://groups.google.com/groups/opt_out.
Lukáš Šembera
Jul 12, 2013, 11:25:42 PM7/12/13
to rest-a...@googlegroups.com
OK, thank you, so there is no way to access the httpClient rest-assured is using to configure it with another HostnameVerifier, right?
Johan Haleby
Jul 13, 2013, 3:34:21 AM7/13/13
to rest-a...@googlegroups.com
No not at the moment. There's an issue for it at the issue tracker but it's not implemented yet. Feel free to contribute if you like!
Regards,
/Johan
Julian Kolodzey
Dec 25, 2019, 3:35:41 AM12/25/19
to REST assured
RequestSpecification spec = new RequestSpecBuilder()
.setRelaxedHTTPSValidation()
.setBaseUri(BASE_URL)
.setBasePath(BASE_PATH)
.setContentType(ContentType.URLENC.toString())
.setAccept(ContentType.ANY)
.addFormParam("client_id","base")
.addFormParam("username","user1")
.addFormParam("password","123")
.addFormParam("grant_type","password")
.log(LogDetail.ALL)
.build();
setRelaxedHTTPSValidation() helps
Reply all
Reply to author
Forward
0 new messages