Issue:
When trying to execute a https service from DevTest using a HTTP or WebService/REST step, I get the following exception
javax.net.ssl.SSLHandshakeException: server certificate change is restrictedduring renegotiation
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.fatal(Unknown Source)
Environment:
DevTest 8 and 9 – All versions and platforms
Cause:
When trying to execute a service that is using SSL with DevTest to a secure service that has resolved the POODLE SSLv3 vunerability, you may not be able to access the secure service with our defaut SSL settings in our embedded JRE.
Resolution:
Add the following properties to your local.properties file. Will need these settings for your Workstation environment when authoring a test to the secure SSL service, and for your simulators that will execute the test against the service.
-Djdk.tls.allowUnsafeServerCertChange=true
-Dsun.security.ssl.allowUnsafeRenegotiation=true
Additional Information:
Although we are allowing the unsafe negotiations to be handled by DevTest, this is an acceptable workaround since DevTest is a testing product and not intended to be used as a production product.