diff --git a/bin/jmeter.properties b/bin/jmeter.properties index e4e2fd44a8..8e4a84974b 100644 --- a/bin/jmeter.properties +++ b/bin/jmeter.properties @@ -638,7 +638,7 @@ upgrade_properties=/bin/upgrade.properties # define this property if you wish to use your own keystore #proxy.cert.alias= # The default validity for certificates created by JMeter -#proxy.cert.validity=90 +#proxy.cert.validity=7 # Use dynamic key generation (if supported by JMeter/JVM) # If false, will revert to using a single key with no certificate #proxy.cert.dynamic_keys=true diff --git a/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java b/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java index 3c90258c08..9bafc015a7 100644 --- a/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java +++ b/src/protocol/http/org/apache/jmeter/protocol/http/proxy/ProxyControl.java @@ -230,7 +230,7 @@ public class ProxyControl extends GenericController implements NonTestElement { // The alias to be used if dynamic host names are not possible static final String JMETER_SERVER_ALIAS = ":jmeter:"; // $NON-NLS-1$ - public static final int CERT_VALIDITY = JMeterUtils.getPropDefault("proxy.cert.validity", 90); // $NON-NLS-1$ + public static final int CERT_VALIDITY = JMeterUtils.getPropDefault("proxy.cert.validity", 7); // $NON-NLS-1$ // If this is defined, it is assumed to be the alias of a user-supplied certificate; overrides dynamic mode static final String CERT_ALIAS = JMeterUtils.getProperty("proxy.cert.alias"); // $NON-NLS-1$ diff --git a/xdocs/usermanual/component_reference.xml b/xdocs/usermanual/component_reference.xml index aed42d3ce8..d095d5b766 100644 --- a/xdocs/usermanual/component_reference.xml +++ b/xdocs/usermanual/component_reference.xml @@ -6382,7 +6382,7 @@ the browser. Effectively JMeter has to pretend to be the target server.

JMeter will generate its own certificate(s). -These are generated with a validity period defined by the property proxy.cert.validity, default 90 days, and random passwords. +These are generated with a validity period defined by the property proxy.cert.validity, default 7 days, and random passwords. If JMeter detects that it is running under Java 8 or later, it will generate certificates for each target server as necessary (dynamic mode) unless the following property is defined: proxy.cert.dynamic_keys=false. When using dynamic mode, the certificate will be for the correct host name, and will be signed by a JMeter-generated CA certificate. diff --git a/xdocs/usermanual/properties_reference.xml b/xdocs/usermanual/properties_reference.xml index 56e3213891..af5d67f3fd 100644 --- a/xdocs/usermanual/properties_reference.xml +++ b/xdocs/usermanual/properties_reference.xml @@ -833,7 +833,7 @@ JMETER-SERVER The default validity (in days) for certificates created by JMeter.
- Defaults to: 90 + Defaults to: 7 Use dynamic key generation (if supported by JMeter/JVM).