jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Milamber <milam...@apache.org>
Subject Re: Remote test execution
Date Sun, 17 May 2015 08:32:24 GMT

Gather Digital apps use a connection with SSL authentification between 
the client app and the server. You must have the ssl client key file 
(.p12 generally) and import into JMeter to allow the authentication 
between JMeter and the server when the proxy is in action.
http://jmeter.apache.org/usermanual/component_reference.html#SSL_Manager

The other app (esri events) has a bad signature and my android refuse to 
install the app.

Follow the Bob's advice, ask to the developers a non ssl version or the 
SSL keyfile for auth and some docs.


On 17/05/2015 07:42, Bob wrote:
> Pravesh, hope JMeter is not used for man-in-the-middle attack. As I 
> replied before you can always ask developers to provide non-encrypted 
> version and API documentation.
>
> On 17/05/15 09:14, Pravesh Prajapati wrote:
>> Hi Sir,
>> I tried the same thing but finding issues.
>> Can you please for the app (Gather digital & esri events).
>> You will find on the playstore.
>> Just search the name as mentioned above.
>> Sir, please reply.
>> Thanks in advance.
>>
>> On Sun, May 17, 2015 at 12:04 AM, Milamber <milamber@apache.org> wrote:
>>
>>> Works with the Linkedin Apps (for example) with HTTPS request.
>>>
>>> 1/ Start JMeter (fresh install)
>>> 2/ Create a sample test plan with the template "Recording"
>>> 3/ Under the WorkBench, choose the HTTP(S) Test Script Recorder 
>>> element,
>>> and click on the "Start" button (botton)
>>> JMeter will create a new dynamic KeyStore (bin/proxyserver.jks) and 
>>> export
>>> the Root CA public key (bin/ApacheJMeterTemporaryRootCA.crt file)
>>>
>>> 4/ Go to JMETER_HOME/bin, and copy the ApacheJMeterTemporaryRootCA.crt
>>> file to a sdcard (or another way)
>>> 5/ Put the sdcard on your tablet/phone
>>>
>>> 6/ on your tablet/phone, use a file manager (I use the CM File Manager
>>> from Cheetah Mobile on Play Store), go to the sdcard, click on
>>> ApacheJMeterTemporaryRootCA.crt file, to import this Root CA (name for
>>> example : JMeter)
>>>
>>> (with this new Root CA in your phone as a 'true' CA, all fake ssl cert
>>> generated dynamically by JMeter will be trusted on your phone.)
>>>
>>> 7/ Change your WLAN access to add the JMeter proxy (instructions below)
>>> (stop/start wifi after)
>>>
>>> 8/ Start your app, and use it
>>>
>>> 9/ Follow all HTTP/HTTPS requests (from your app, but other background
>>> task too) on JMeter, in the View Results Tree element (under HTTP(S) 
>>> Test
>>> Script Recorder).
>>>
>>>
>>> Milamber
>>>
>>>
>>> For reference (and manage the JMeter Root CA on your phone) :
>>> http://wiki.cacert.org/FAQ/ImportRootCert#Android_Phones_.26_Tablets
>>>
>>> CAcert user trusted certificates
>>>
>>> Download the certificate files ('root.crt' and 'class3.crt') onto the
>>> internal flash storage (the '/sdcard' or any subfolder). Browse to this
>>> folder with the file manager and open 'root.crt'. Although there 
>>> might not
>>> be an icon for certificates and the files will have a '?'-icon, 
>>> files will
>>> be opened with the certificate manager, asking you for a name to 
>>> describe
>>> the to-be-imported certificate. If it is the first user certificate you
>>> install, the Android Security Model forces you to use a lock-screen to
>>> unlock your device (see "CAcert system trusted certificates" if you 
>>> really
>>> need to avoid this) Repeat with the 'class3.crt' file. Check if both
>>> certificate files are installed correctly, Settings -> Security ->
>>> Certificates -> 'User'-section should now list the certificates you 
>>> have
>>> just installed.
>>>
>>>
>>>
>>>
>>>
>>>
>>> On 16/05/2015 17:34, Pravesh Prajapati wrote:
>>>
>>>> Yes sir,
>>>> I am too able to capture traffic with the help of browser in devices.
>>>> But I want to record the traffic of native hydride apps deployed on
>>>> devices
>>>> which uses https for its communication.
>>>>
>>>> Please hep stucked badly.
>>>> Thanks in advance.
>>>>
>>>>
>>>> On Sat, May 16, 2015 at 8:36 PM, Milamber <milamber@apache.org> wrote:
>>>>
>>>>
>>>>> On 16/05/2015 14:51, sebb wrote:
>>>>>
>>>>>> The JMeter recorder (proxy) is intended for capturing local (i.e.

>>>>>> same
>>>>>> host) browser traffic in order to test a remote server.
>>>>>>
>>>>>> This requires that the browser can be configured to use a local 
>>>>>> proxy
>>>>>> (i.e. JMeter's recorder).
>>>>>> AFAIK, this cannot be done for most (any?) Android browsers or apps.
>>>>>>
>>>>> It's possible to use a proxy with a WLAN connection on Android (for
>>>>> browsers and some apps)
>>>>> When your are connect on your wifi acces, return on Settings, 
>>>>> Wifi, long
>>>>> press on your Wifi connection name, Modify, Display advanced 
>>>>> settings,
>>>>> add proxy settings (the jmeter machine on same network - ip and 
>>>>> port of
>>>>> jmeter recorder)
>>>>>
>>>>> Works on my android tablet (Android 4.2.2) with firefox (for https 
>>>>> need
>>>>> to accept an exception) and for some apps (only in http).
>>>>>
>>>>> Milamber
>>>>>
>>>>>
>>>>>   If you just want to record the traffic, you would be better off 
>>>>> using
>>>>>> something like NoRoot Data Firewall which can record the traffic

>>>>>> in a
>>>>>> pcap file.
>>>>>>
>>>>>> You'll probably have to copy the pcap file(s) to another host in

>>>>>> order
>>>>>> to analyse them.
>>>>>>
>>>>>>
>>>>>>
>>>>>> On 16 May 2015 at 13:19, Pravesh Prajapati 
>>>>>> <prajapati.pravesh@gmail.com
>>>>> wrote:
>>>>>
>>>>>> Sir,
>>>>>>> 1.I have installed jmeter root certificate into android device.
>>>>>>> 2.Configure proxy.
>>>>>>> 3.Downloaded gather digital app from the play store.
>>>>>>> 4.Trying to capture the traffic but not able to capture it.
>>>>>>>
>>>>>>> Please help.
>>>>>>> Thanks in advance.
>>>>>>>
>>>>>>>
>>>>>>> On Sat, May 16, 2015 at 4:52 PM, Pravesh Prajapati <
>>>>>>> prajapati.pravesh@gmail.com> wrote:
>>>>>>>
>>>>>>>   Hi sir,
>>>>>>>> How can I install the jmeter ApacheJMeterTemporaryRootCA

>>>>>>>> certificate
>>>>>>>>
>>>>>>> into
>>>>>> iphone or android device.
>>>>>>>> Will this solve my problem.
>>>>>>>> I am not able to capture the traffic of that app.
>>>>>>>> OR is there is any mechanism of Any certificate required
to be
>>>>>>>>
>>>>>>> installed
>>>>>> for capturing the traffic.
>>>>>>>> Please help at the earliest.
>>>>>>>> Thanks in advance.
>>>>>>>>
>>>>>>>> On Sat, May 16, 2015 at 1:43 PM, Bob <b.meliev@gmail.com>
wrote:
>>>>>>>>
>>>>>>>>   Hi Pravesh,
>>>>>>>>> Ask developers to provide App version which works with
staging,
>>>>>>>>>
>>>>>>>> usually
>>>>>> for staging environment used non-encrypted connection.
>>>>>>>>>
>>>>>>>>> On 16/05/15 10:25, Pravesh Prajapati wrote:
>>>>>>>>>
>>>>>>>>>   Hi Sir,
>>>>>>>>>> I want help please help me.
>>>>>>>>>> I want to record the script of native apps on Android
& iphone
>>>>>>>>>>
>>>>>>>>> devices.
>>>>>> But application is secure.
>>>>>>>>>> Can you please suggest me the mechanism so that I
can record the
>>>>>>>>>>
>>>>>>>>> scripts
>>>>>> of
>>>>>>>>>> there native apps.
>>>>>>>>>> I have done all configuration setting in jmeter &
mobile 
>>>>>>>>>> device, but
>>>>>>>>>> still
>>>>>>>>>> not able to record the scripts of the secure native
app.
>>>>>>>>>> Please help.
>>>>>>>>>> Thanks in advance.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Sat, May 16, 2015 at 4:17 AM, sebb <sebbaz@gmail.com>
wrote:
>>>>>>>>>>
>>>>>>>>>>    On 15 May 2015 at 16:19, Flavio Cysne <flaviocysne@gmail.com>
>>>>>>>>>>
>>>>>>>>> wrote:
>>>>>> The machines used at the work environment is using CentOS and had
>>>>>>>>>>> no
>>>>>> problems like this. Maybe this could be related to a missing
>>>>>>>>>>> openssl
>>>>>> package or similar native package that handles SSL connections.
>>>>>>>>>>>>   I doubt it - look at the error message
in the dialogue box.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>> ---------------------------------------------------------------------
>>>>>
>>>>>> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
>>>>>>>>>>> For additional commands, e-mail: user-help@jmeter.apache.org
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>> ---------------------------------------------------------------------

>>>>>>>>>
>>>>>>>>> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
>>>>>>>>> For additional commands, e-mail: user-help@jmeter.apache.org
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>   --
>>>>>>>> Regards,
>>>>>>>> Pravesh prajapati.
>>>>>>>> Mob:-9702600170
>>>>>>>>
>>>>>>>>
>>>>>>> -- 
>>>>>>> Regards,
>>>>>>> Pravesh prajapati.
>>>>>>> Mob:-9702600170
>>>>>>>
>>>>>> ---------------------------------------------------------------------

>>>>>>
>>>>>> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
>>>>>> For additional commands, e-mail: user-help@jmeter.apache.org
>>>>>>
>>>>>>
>>>>>>
>>>>> ---------------------------------------------------------------------
>>>>> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
>>>>> For additional commands, e-mail: user-help@jmeter.apache.org
>>>>>
>>>>>
>>>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
>>> For additional commands, e-mail: user-help@jmeter.apache.org
>>>
>>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
> For additional commands, e-mail: user-help@jmeter.apache.org
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
For additional commands, e-mail: user-help@jmeter.apache.org


Mime
View raw message