jmeter-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sebb <seb...@gmail.com>
Subject Re: HTTPS recording - add option to skip certificate creation?
Date Tue, 22 Oct 2013 15:28:04 GMT
On 22 October 2013 14:48, Milamber <milamber@apache.org> wrote:
>
> Le 22/10/2013 12:02, sebb a ecrit :
>
>> If running under Java 7, the Test Recorder always tries to create a
>> certificate file when starting the Proxy. That was possibly a mistake,
>> but the intention was to ensure that the certificate was available
>> before recording started.
>>
>> The consequence is that the cert is created even if the user is not
>> recording HTTPS. This can cause problems if the Java installation does
>> not include keytool, or if the bin directory is not writable. Also it
>> slows down the start.
>>
>> So maybe there should be an option on the Recorder screen which
>> specifies whether or not the user wants to record HTTPS?
>
>
> Yes and no. Today the website pages mix http and https urls, and it's
> difficult to the user to find all url before the record session to check if
> https exists.

In which case there's no point trying to avoid creation of the certificate.

> Perhaps, start Recorder without https support, and if a https url is
> detected, then display a message (pop-up in JMeter or a log message)

I don't think that would work. There's no guarantee that the user will
see the pop-up if they are busy using the browser for recording.

> Add a new checkbox "Don't display message when a https url is detected"

I assume that relates to the suggestion to add a pop-up.

>
>
>>
>> For example, I did wonder if the new HTTPS domain field should be used
>> for that purpose (i.e. check if it is non-empty). Or do we need a
>> separate checkbox?
>>
>> It does look as though the code should check to see if keytool is
>> available, and revert to the original behaviour if not.
>
> Yes to check if keytool is available in all case.
> The original behavior is the 2.9 behavior (jmeterserver.jks with fake ssl
> cert provide in binary archive)?

There is no longer any SSL certificate provided with JMeter.
Either the user must create their own, or they must use a Java
installation that supports keytool.
[Or we need to work out how to use BouncyCastle to create the certs.]

>
>> Also maybe
>> check if the target directory is writable.
>
>
> Yes must be done in all case.
>
>>
>

Mime
View raw message