jmeter-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From George <bamboocha...@yahoo.de>
Subject Re: JMeter SMTP Sampler with (SSL/TLS) and TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Date Wed, 03 Jun 2015 10:11:10 GMT
Hello,
yes my server can do tls 1.2 perfectly and also with the above (strong) cipher.I did some
more tests where i modify step by step my server configuration until it works and here are
my results.
Test 1:My server allows ONLY tls 1.2 and ONLY the cipher ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
Test 2:My server allows ONLY tls 1.2 and ANY cipher
Test 3:My server allows tls 1.2 and tls 1.1 and ANY cipher
Test 4:My server allows tls 1.2 and tls 1.1 and tls 1.0 and ANY cipher

My jmeter.properties is set to do tls1.2 only - but the SSL configuration is only for the
http protocol and not for smtp(s).Thus i think this does not care.I have java jre 1.8 latest
plus the oracle security "Unlimited Strength Java Cryptography Extension Policy Files" pakage.
My jmeter test plan is very easy. 
One thread one smtp sampler and one "view results in tree".The SMTP Sampler target my mail
server on port "465" and the checkbox "use ssl" is enabled and the hook "Trust all certificates"
is enabled too.There is one Subject: hello and Email body: hello. Simple
Results:Test 1: Fail - no ssl handshakeTest 2: Fail - no ssl handshakeTest 3: Fail - no ssl
handshakeTest 4: Success: Perfectly SSL Handshake. SSL Connection established using "TLSv1
ECDHE-ECDSA-AES256-SHA" (no client certificate checkup <- means no mutual ssl)
OK thus it works.I can sent an email with jmeter SMTP sampler using (direct) ssl on port 465
- but it only works if i activate tls1.0. 
I do not found any jmeter configuration about "smtps".

I did some further tests wirh thunderbird 31.4 (on a linux).Here the results.Test 1: Fails
- no ssl connectionTest 2, 3 and 4: Success.
Looking on the thunderbird settings its strange but the cipher i want to use is not available.
Thus i can do tls1.2 but not with my "strong" cipher.
Br.George

 


     Felix Schumacher <felix.schumacher@internetallee.de> schrieb am 10:29 Montag, 1.Juni
2015:
   

 Am 29.05.2015 um 13:16 schrieb George:
> Hello,
> i try to sent a "hello" email using SMTP Sampler and want to use SSL/TLS on standard
port 465 for this connection.More i want to use TLSv1.2 with the very strong cipher "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"Currently
the handshake fail.
> Technially if i change the configuration on my server to also accept TLSv1.1 and v1.0
then the SSL connection works and the email is sent perfectly.I see in the logs that the client
(jmeter) and my server aggreed on a cipher comming from TLS1.0.Thus in general SSL is working
but not with TLSv1.2.
> Anyone any idea how i can use SMTP(s) with TLSv1.2 and the above cipher?I tried to put
this in my jmeter.sh file but seems it does not matter?
> JMETER_OPTS="-Dhttps.cipherSuites=TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"
The smtp sampler has no option to specify the wanted ciphersuites, so 
the option given above will not be used.
> I also installed lates java jdk and i also installed the additional strong security pakage
and replaced the .jar files in /usr/java/jre.../lib/security
Which jdk did you install exactly?

Have you checked (with openssl or something similar), that your 
mailserver is capable of TLSv1.2?

Regards
  Felix
> BrGeorge
>
>


---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscribe@jmeter.apache.org
For additional commands, e-mail: user-help@jmeter.apache.org



  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message