I am using a proxy that has been built upon webscarab jar to intercept HTTP request and response. When I hit a particular https URL I'm getting
javax.net.ssl.SSLHandshakeException: java.security.cert.CertificateException: Certificates do not conform to algorithm constraints which is caused by java.security.cert.CertPathValidatorException: Algorithm constraints check failed on signature algorithm: MD2withRSA.
Though without webscarab the request gets proper response. I tried commenting the properties jdk.certpath.disabledAlgorithms and jdk.tls.disabledAlgorithms in java.security file but still the error occurs. My current java version is 1.8.152. The request gets proper response using Fiddler if we intercept the request. Can someone help me understand why this error occurs and give me any suggestion to resolve this issue?
Are you sure you really want to use WebScarab? Its not being maintained any more.
ZAP, on he other hand, is very actively maintained :) https://github.com/zaproxy/zaproxy