I am testing HTTPS Requests to a custom server using JMeter, but the certificate that the custom server returns in untrusted (as this is a development server). Because of this, the requests fail as it needs a signed/verified CA Certificate.
Is there a way to turn off Jmeter's certificate verification similar to curl (-k option) ?
JMeter does not validate certificates by default, it ignores all certificate errors such as expiry and incorrect hostname. https://cwiki.apache.org/confluence/display/JMETER/JMeterAndHTTPS
If you are still facing this issue, then you can explicitly mention the properties to ignore ssl certificate check. It can be done in two ways,
Add a JMeter start-up configuration. You just have to look for the jmeter.properties file and add the code line ‘server.rmi.ssl.disable=true’
Executing Jmeter through command line by passing parameter to rewrite properties of the configuration files at start-up,
jmeter -s -Jserver.rmi.ssl.disable=true
Also check if correct headers are passed,
Accept-Enconding= application/json
Content-Type= application/json
You can include the certificate from the development server in Jmeter jvm.
Download the certificate using any of the browsers. Here is a link on how to do this.
Identify the jvm that Jmeter uses. This is generally your JAVA_HOME environment varaible.
Add the certificate to the jvm truststore. Here are the steps.
That should fix it.
