Issue: 

When trying to execute a https service from DevTest using a HTTP or WebService/REST step, I get the following exception

javax.net.ssl.SSLHandshakeException: server certificate change is restrictedduring renegotiation 

at sun.security.ssl.Alerts.getSSLException(Unknown Source)

at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) 

Environment:

DevTest 8 and 9 – All versions and platforms

Cause: 

When trying to execute a service that is using SSL with DevTest to a secure service that has resolved the POODLE SSLv3 vunerability, you may not be able to access the secure service with our defaut SSL settings in our embedded JRE.

Resolution:

Add the following properties to your local.properties file.   Will need these settings for your Workstation environment when authoring a test to the secure SSL service,  and for your simulators that will execute the test against the service.

-Djdk.tls.allowUnsafeServerCertChange=true

-Dsun.security.ssl.allowUnsafeRenegotiation=true 

Additional Information:

Although we are allowing the unsafe negotiations to be handled by DevTest, this is an acceptable workaround since DevTest is a testing product and not intended to be used as a production product.