7 Feb
2014
7 Feb
'14
11:36 a.m.
Hi,
Well, the reason of certificates in HTTPS is to ensure security. If the client cannot match the URL you use the certificate sent back by the server, then it might be another server responding. Or it might be that you access the server with another domain name or IP than the one in the certificate. In that case, JMeter is probably by-passing this and use the server anyway, whilst the HTTP module looks like preventing access (which apparently is mandatory as by RFC 2818 and RFC 6125).
The best option is probably to have a look at the certificate and see what domain name or IP it uses.
Regards,
--
Florent Georges
http://fgeorges.org/
http://h2oconsulting.be/
On 7 February 2014 16:23, Hans-Juergen Rennau wrote:
> Hello, I have the same problem with https (in combination with numerical IP
> address), but I have no control over the SSL certificates. I know that
> JMeter accesses the server without problems, so I suppose that in principle
> it would be possible to solve the problem within the http module, without
> client intervention.
>
> I would greatly appreciate if a solution could be found so that the http
> module works robustly and out of the box. I find the http module extremely
> important. It it works just fine it can make BaseX very attractive for
> people who are far from thinking that an XML database is of any interest to
> them.
>
> Cheers,
> Hans-Juergen
>
>
>
> Marco Lettere marco.lettere@dedalus.eu schrieb am 17:08 Donnerstag,
> 6.Februar 2014:
> Yes, thanks to all for the contributions.
> Fortunately I'm in control of the HTTPS server side so I could fix the SSL
> certificate there by recreating it with the keytool options
>
> -ext nas=ip:X.Y.Z.W,dns:localhost,dns:demohost
>
> This adds a section like this
>
> SubjectAlternativeName [
> DNSName: localhost
> DNSName: demohost
> IPAddress: X.Y.Z.W
> ]
>
> into the certificate stored on the created server's keystore (jks). I then
> imported it (always with keytool) into the cacerts of the jdk I use to run
> basex with. Finally I restarted basex server and gui. At that point
> everything works fine and I can send-request to either of the three
> possibilities ('localhost', ip address or any other added dns name like
> 'demohost').
>
> I know this is not basex specific but maybe this detailed answer could be
> useful for anyone who will stumble upon this discussion for the same reasons
> as mines.
>
> Thanks again,
> Marco.
>
> On 02/06/2014 02:59 PM, Florent Georges wrote:
>
> Marco Lettere wrote:
>
> Hi,
>
>> anyone succeded in using send-request to send data to an HTTPS
>> server?
>> No matter how hard I try (even handling all that Certificate import
>> stuff) I conntinuosly get this error message.
>
>> [HC0001] java.security.cert.CertificateException: No subject
>> alternative names present
>
> Do you use an IP instead of a domain name? Are those links of any
> help?
>
> http://stackoverflow.com/questions/10258101/sslhandshakeexception-no-subject...
> http://stackoverflow.com/questions/8443081/how-are-ssl-certificate-server-na...
>
> Regards,
>
> --
> Florent Georges
> http://fgeorges.org/
> http://h2oconsulting.be/
>
>
>
>
>
>
>
>
> _______________________________________________
> BaseX-Talk mailing list
> BaseX-Talk@mailman.uni-konstanz.de
> https://mailman.uni-konstanz.de/mailman/listinfo/basex-talk
>
>
>
> _______________________________________________
> BaseX-Talk mailing list
> BaseX-Talk@mailman.uni-konstanz.de
> https://mailman.uni-konstanz.de/mailman/listinfo/basex-talk
>