Ability to disable SSL certificate verify #619
Comments
|
I don't think it makes sense to add this as a command line option. It won't be applicable in many cases, like when writing a locustfile with a custom client. I think this is best handled in code when writing your locustfile. You can disable cert verification by passing For examples, see #300 |
|
Here is the rationale. Yes, you can put in your tests whether to verify or not. But in reality, we want to test load on our systems not whether SSL is good or not. There are different systems in the chain before production. Not all of them have valid certificates, nor need to. I don't want to write and maintain separate yet identical functional tests simply to turn SSL verify on or off. I would rather use the same suite of tests and override the HTTP setting from command line to disable it. In other less frequent situations you just encounter a bad certificate in a system you are testing (maybe it expired). You don't want to A) Hang up your testing because of this bad cert or B) Edit your tests (what if there are 1000's?) to reflect this temporary situation. |
or you could use environment variables |
Please allow a flag such as --disable-ssl-verify that will ignore certificate verify errors when testing a website.
The text was updated successfully, but these errors were encountered: