RestAssured.useRelaxedHTTPSValidation() is ignored on http requests.
See original GitHub issueWe have a web application that enforces SSL connections. So when a request is made to http://example.com:9080/myapp it will automatically be forwarded to https://example.com:9443/myapp. In our testing environments we use a self signed certificate that is generated on the fly and is not easily accessed thus our Rest Assured tests need to just ignore HTTPS Validation. I have observed the following:
Failing test:
@Test
public void basicPingTest() {
RestAssured.authentication = basic("foo", "bar");
RestAssured.baseURI = "http://example.com:9080/myapp";
RestAssured.useRelaxedHTTPSValidation();
given().when().get().then().statusCode(200);
}
Fails with error:
javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.exampleTestServiceIT.basicPingTest(TestServiceIT.java:34)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.example.TestServiceIT.basicPingTest(TestServiceIT.java:34)
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.example.TestServiceIT.basicPingTest(TestServiceIT.java:34)
Working test:
@Test
public void basicPingTest() {
RestAssured.authentication = basic("foo", "bar");
RestAssured.baseURI = "https://example.com:9443/myapp";
RestAssured.useRelaxedHTTPSValidation();
given().when().get().then().statusCode(200);
}
It appears that the useRelaxedHTTPSValidation configuration is ignored when the original request is using an http scheme. Is this an oversight in the design?
Issue Analytics
- State:
- Created 7 years ago
- Reactions:19
- Comments:5
Top Results From Across the Web
Developers - RestAssured.useRelaxedHTTPSValidation() is ignored ...
useRelaxedHTTPSValidation() is ignored on http requests. ... and is not easily accessed thus our Rest Assured tests need to just ignore HTTPS Validation....
Read more >useRelaxedHTTPSValidation does not seem to work with ...
I am working around the cert validation by using RestAssured.useRelaxedHTTPSValidation() statically for all requests. The tests run just fine with JDK ...
Read more >Connection refused in rest assured for HTTPS request
To ignore the HTTPS Connection you can use: RestAssured.useRelaxedHTTPSValidation();.
Read more >RestAssured.useRelaxedHTTPSValidation() - Tabnine
RestAssured.useRelaxedHTTPSValidation(). /** * Use relaxed HTTP validation with protocol {@value #SSL}. This means that you'll trust all hosts regardless if ...
Read more >Testing RESTful Web Services made easy using the REST ...
Prerequisites; The REST Service to be tested; Adding REST-assured to your Maven project; Examples. Verify JSON GET Request; Using JsonPath ...
Read more >
Top Related Medium Post
No results found
Top Related StackOverflow Question
No results found
Troubleshoot Live Code
Lightrun enables developers to add logs, metrics and snapshots to live code - no restarts or redeploys required.
Start Free
Top Related Reddit Thread
No results found
Top Related Hackernoon Post
No results found
Top Related Tweet
No results found
Top Related Dev.to Post
No results found
Top Related Hashnode Post
No results found
Hi! Any updates on when this is going to be fixed?
not fixed yet, just use url with https to avoid this issue