Mailing-List: contact jmeter-user-help@jakarta.apache.org; run by ezmlm
Precedence: bulk
Reply-To: "JMeter Users List" <jmeter-user@jakarta.apache.org>
Received-SPF: pass (herse.apache.org: domain of sebbaz@gmail.com designates
 66.249.92.174 as permitted sender)
DomainKey-Signature: a=rsa-sha1; c=nofws;
        d=gmail.com; s=beta;
        h=received:message-id:date:from:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:content-disposition:references;
        b=H34aQdlnlxKrivD6b68qEF68FBXmTHtQg2Ghwp4aJ1o6W+7tChkyl6py3Rgj+0iXPZfLG1Y+D2p8TqjpgHNyzrmpy1j1nktrWED7x2ap0YcuKfRSnfkTpwrHmcs41sXYNwbD7l1VOGbCtqhgkDUgNknX+jC4nLEEcNlFTZnrHzw=
Message-ID: <25aac9fc0702030917q7108a9f9g57450ef33b803967@mail.gmail.com>
Date: Sat, 3 Feb 2007 17:17:07 +0000
From: sebb <sebbaz@gmail.com>
To: "JMeter Users List" <jmeter-user@jakarta.apache.org>
Subject: Re: Problem with ssl certificate
In-Reply-To: <25aac9fc0702010415m569e7576hbfceba75f999b762@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Content-Disposition: inline
References: <632cebf10701282213hf0ecc24u6440cdad489bbed7@mail.gmail.com>
	 <25aac9fc0702010415m569e7576hbfceba75f999b762@mail.gmail.com>

On 01/02/07, sebb <sebbaz@gmail.com> wrote:
> On 29/01/07, xue wu <wuxueguai@gmail.com> wrote:
> > Hi all,
> > I want to use Jmeter to test a https website. I installed and exported
> > the certificate of that site as a cer file and imported this cer file
> > to the cacert keystore under jre/lib/security. and then in the
> > jmeter.properties file i stated like this:
> >
> > ssl.provider=com.sun.net.ssl.internal.ssl.Provider
> > ssl.pkgs=com.sun.net.ssl.internal.www.protocol
> > javax.net.ssl.keyStore=C:\Program Files\Java\jdk1.6.0\jre\lib\security\cacerts
> > javax.net.ssl.keyStorePassword=changeit
>
> Should be no need to do that.
>
> > When I run Jmeter, I always got the error "Couldn't load keystore
> > java.lang.Exception: No key found"
>
> Not sure what causes this problem, but the message can be ignored, as
> the sampler still works for me.

I've discovered that this happens when you don't provide a keystore.
JMeter creates an empty keystore. It then searches it for keys, but of
course does not find any! The error message should only be generated
for actual keystores.
[I'm in the process of fixing this and producing better error messages]

> > I also tried to create a new keystore and paste it to
> > jre/lib/security, but it did not make any difference.
> > Does anyone know what else should I do to make the Jmeter work
> > properly with https web site?
>
> So long as you are using Java 1.4.2 or later JMeter should work "out
> of the box" with any https web-site that uses a certificate signed by
> an authority known to Java.
>
> If the authority is  not known to Java, you will have to tell Java
> about it (as you have done).

Actually you don't have to do this, as the JMeter SSLManager installs
a very lenient TrustManager that trusts everything.

> The HTTP Sampler can handle self-signed certificates; however the HTTP
> HttpClient Sampler cannot yet do so.

I've just about got this working.

> Furthermore if you mix HTTP and HTTP HttpClient samplers in the same
> test plan, the HttpClient samplers will stop working if there is a
> previous HTTP Sampler that connects to a self-signed site... [I need
> to create a Bugzilla for this].

I think I've found a fix for that.

> S///
>

---------------------------------------------------------------------
To unsubscribe, e-mail: jmeter-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jmeter-user-help@jakarta.apache.org