You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@jmeter.apache.org by Frank Wilson <zo...@hotmail.com> on 2012/05/28 15:00:39 UTC
Certificate Based Authentication
Hi all
I'm trying to access a site that uses Certificate Based
Authentication (it also uses SSL encryption). I would like to set up the
Proxy Recorder to record the basis of the script but I can't seem to
get it to work. I am using JMeter 2.6 with Java6 but could upgrade
either if need be.
The problem appears to be that I am not
passing a Client Certificate to the application server. The Proxy server
is using default setting except for the HTTP Sampler setting - type
which I have set to HttpClient3.1. I have modified the system.properties
to include the following:
javax.net.ssl.keyStore="C:/my_new_keystore.jks"
javax.net.ssl.keyStorePassword=password
javax.net.ssl.trustStore="C:/my_new_truststore.jks"
javax.net.ssl.trustStorePassword=password
The file my_new_keystore.jks contains the Client certificate required to authenticate as as a specific user.
The file my_new_truststore.jks contains the SSL certificate of the server. Is this required?
When recording the test I get the following error: javax.net.ssl.SSLException: java.lang.NullPointerException at
sun.security.ssl.Alerts.getSSLException(Unknown Source) at
sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
sun.security.ssl.AppOutputStream.write(Unknown Source) at
java.io.BufferedOutputStream.flushBuffer(Unknown Source) at
java.io.BufferedOutputStream.flush(Unknown Source) at
org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
at
org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
at
org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
at
org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at
org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at
org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249)
at
org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
at
org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)
at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:236) Caused by:
java.lang.NullPointerException at
org.apache.jmeter.util.keystore.JmeterKeyStore.getAlias(JmeterKeyStore.java:139)
at
org.apache.jmeter.util.JsseSSLManager$WrappedX509KeyManager.chooseClientAlias(JsseSSLManager.java:380)
at sun.security.ssl.AbstractKeyManagerWrapper.chooseClientAlias(Unknown Source)
at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source) at
sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at
sun.security.ssl.Handshaker.processLoop(Unknown Source) at
sun.security.ssl.Handshaker.process_record(Unknown Source) at
sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at
sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at
sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) ... 14 more
Could anyone explain what else I am missing?
Thanks,
Frank
RE: Certificate Based Authentication
Posted by Frank Wilson <zo...@hotmail.com>.
No problems, everything seems to be working fine
> Date: Wed, 30 May 2012 09:53:18 -0300
> Subject: Re: Certificate Based Authentication
> From: flaviocysne@gmail.com
> To: user@jmeter.apache.org
>
> Have you got any problem after you added keystore back into
> system.properties?
>
> Regards,
> Flávio Cysne
>
> 2012/5/29 Frank Wilson <zo...@hotmail.com>
>
> >
> > Thanks Flávio
> > I removed the trust store config because it wasn't required and followed
> > the steps you listed.
> > First I tried used the SSL Manager and Keystore configuration. In my logs
> > I was getting the error listed below.The problem was due to my
> > configuration of the Keystore Configuration, the start index was set to 1.
> > My first (and only) certificate used an alias of 1 (which I believe is
> > unrelated to the index). The Keystore Configuration uses a zero-based
> > index.I have change this and everything is working fine. Finally I added
> > the keystore back into my properties file again.
> > Regards,
> > Frank
> > 2012/05/30 10:54:37 ERROR - jmeter.util.SSLManager: Problem loading
> > keystore: No key(s) found java.lang.Exception: No key(s) found at
> > org.apache.jmeter.util.keystore.JmeterKeyStore.load(JmeterKeyStore.java:100)
> > at org.apache.jmeter.util.SSLManager.getKeyStore(SSLManager.java:126) at
> > org.apache.jmeter.util.JsseSSLManager.createContext(JsseSSLManager.java:232)
> > at
> > org.apache.jmeter.util.JsseSSLManager.getContext(JsseSSLManager.java:198)
> > at
> > org.apache.jmeter.util.HttpSSLProtocolSocketFactory.getSSLSocketFactory(HttpSSLProtocolSocketFactory.java:105)
> > at
> > org.apache.jmeter.util.HttpSSLProtocolSocketFactory.createSocket(HttpSSLProtocolSocketFactory.java:149)
> > at
> > org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
> > at
> > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
> > at
> > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> > at
> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> > at
> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> > at
> > org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249)
> > at
> > org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
> > at
> > org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)
> > at
> > org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1043)
> > at
> > org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:416)
> > at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:271)
> > at java.lang.Thread.run(Unknown Source)
> >
> > Regards,
> >
> >
> > > Date: Mon, 28 May 2012 10:27:26 -0300
> > > Subject: Re: Certificate Based Authentication
> > > From: flaviocysne@gmail.com
> > > To: user@jmeter.apache.org
> > >
> > > Have you tried with truststore configuration commented? Leave keystore as
> > > you configured.
> > > Truststore in JMeter 2.6, by default, is using trust all certificates
> > > policy, then there is no need to configure it.
> > >
> > > Have you tried without these configurations and adding the certificate on
> > > JMeter's SSL Manager and Keystore configuration component, to be sure
> > that
> > > your personal certificate is valid?
> > >
> > > Be sure to add to keysore a valid .p12 or .pfx certificate, it has to
> > > contain your private key and not only your public key.
> > >
> > > Hope it helps you.
> > > Flávio Cysne
> > >
> > > 2012/5/28 Frank Wilson <zo...@hotmail.com>
> > >
> > > >
> > > > Hi all
> > > >
> > > > I'm trying to access a site that uses Certificate Based
> > > > Authentication (it also uses SSL encryption). I would like to set up
> > the
> > > > Proxy Recorder to record the basis of the script but I can't seem to
> > > > get it to work. I am using JMeter 2.6 with Java6 but could upgrade
> > > > either if need be.
> > > >
> > > > The problem appears to be that I am not
> > > > passing a Client Certificate to the application server. The Proxy
> > server
> > > > is using default setting except for the HTTP Sampler setting - type
> > > > which I have set to HttpClient3.1. I have modified the
> > system.properties
> > > > to include the following:
> > > >
> > > > javax.net.ssl.keyStore="C:/my_new_keystore.jks"
> > > > javax.net.ssl.keyStorePassword=password
> > > > javax.net.ssl.trustStore="C:/my_new_truststore.jks"
> > > > javax.net.ssl.trustStorePassword=password
> > > >
> > > > The file my_new_keystore.jks contains the Client certificate required
> > to
> > > > authenticate as as a specific user.
> > > > The file my_new_truststore.jks contains the SSL certificate of the
> > server.
> > > > Is this required?
> > > >
> > > > When recording the test I get the following error:
> > > > javax.net.ssl.SSLException: java.lang.NullPointerException at
> > > > sun.security.ssl.Alerts.getSSLException(Unknown Source) at
> > > > sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
> > > > sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
> > > > sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
> > > > sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
> > > > sun.security.ssl.AppOutputStream.write(Unknown Source) at
> > > > java.io.BufferedOutputStream.flushBuffer(Unknown Source) at
> > > > java.io.BufferedOutputStream.flush(Unknown Source) at
> > > >
> > > >
> > org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
> > > > at
> > > >
> > > >
> > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
> > > > at
> > > >
> > > >
> > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> > > > at
> > > >
> > > >
> > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> > > > at
> > > >
> > > >
> > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> > > > at
> > > >
> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> > > > at
> > > >
> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> > > > at
> > > >
> > > >
> > org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249)
> > > > at
> > > >
> > > >
> > org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
> > > > at
> > > >
> > > >
> > org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)
> > > > at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:236)
> > Caused
> > > > by:
> > > > java.lang.NullPointerException at
> > > >
> > > >
> > org.apache.jmeter.util.keystore.JmeterKeyStore.getAlias(JmeterKeyStore.java:139)
> > > > at
> > > >
> > > >
> > org.apache.jmeter.util.JsseSSLManager$WrappedX509KeyManager.chooseClientAlias(JsseSSLManager.java:380)
> > > > at sun.security.ssl.AbstractKeyManagerWrapper.chooseClientAlias(Unknown
> > > > Source)
> > > > at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source) at
> > > > sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at
> > > > sun.security.ssl.Handshaker.processLoop(Unknown Source) at
> > > > sun.security.ssl.Handshaker.process_record(Unknown Source) at
> > > > sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at
> > > > sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
> > at
> > > > sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) ... 14 more
> > > >
> > > > Could anyone explain what else I am missing?
> > > >
> > > >
> > > > Thanks,
> > > >
> > > > Frank
> > > >
> >
> >
Re: Certificate Based Authentication
Posted by Flavio Cysne <fl...@gmail.com>.
Have you got any problem after you added keystore back into
system.properties?
Regards,
Flávio Cysne
2012/5/29 Frank Wilson <zo...@hotmail.com>
>
> Thanks Flávio
> I removed the trust store config because it wasn't required and followed
> the steps you listed.
> First I tried used the SSL Manager and Keystore configuration. In my logs
> I was getting the error listed below.The problem was due to my
> configuration of the Keystore Configuration, the start index was set to 1.
> My first (and only) certificate used an alias of 1 (which I believe is
> unrelated to the index). The Keystore Configuration uses a zero-based
> index.I have change this and everything is working fine. Finally I added
> the keystore back into my properties file again.
> Regards,
> Frank
> 2012/05/30 10:54:37 ERROR - jmeter.util.SSLManager: Problem loading
> keystore: No key(s) found java.lang.Exception: No key(s) found at
> org.apache.jmeter.util.keystore.JmeterKeyStore.load(JmeterKeyStore.java:100)
> at org.apache.jmeter.util.SSLManager.getKeyStore(SSLManager.java:126) at
> org.apache.jmeter.util.JsseSSLManager.createContext(JsseSSLManager.java:232)
> at
> org.apache.jmeter.util.JsseSSLManager.getContext(JsseSSLManager.java:198)
> at
> org.apache.jmeter.util.HttpSSLProtocolSocketFactory.getSSLSocketFactory(HttpSSLProtocolSocketFactory.java:105)
> at
> org.apache.jmeter.util.HttpSSLProtocolSocketFactory.createSocket(HttpSSLProtocolSocketFactory.java:149)
> at
> org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387)
> at
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> at
> org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249)
> at
> org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
> at
> org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)
> at
> org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1043)
> at
> org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:416)
> at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:271)
> at java.lang.Thread.run(Unknown Source)
>
> Regards,
>
>
> > Date: Mon, 28 May 2012 10:27:26 -0300
> > Subject: Re: Certificate Based Authentication
> > From: flaviocysne@gmail.com
> > To: user@jmeter.apache.org
> >
> > Have you tried with truststore configuration commented? Leave keystore as
> > you configured.
> > Truststore in JMeter 2.6, by default, is using trust all certificates
> > policy, then there is no need to configure it.
> >
> > Have you tried without these configurations and adding the certificate on
> > JMeter's SSL Manager and Keystore configuration component, to be sure
> that
> > your personal certificate is valid?
> >
> > Be sure to add to keysore a valid .p12 or .pfx certificate, it has to
> > contain your private key and not only your public key.
> >
> > Hope it helps you.
> > Flávio Cysne
> >
> > 2012/5/28 Frank Wilson <zo...@hotmail.com>
> >
> > >
> > > Hi all
> > >
> > > I'm trying to access a site that uses Certificate Based
> > > Authentication (it also uses SSL encryption). I would like to set up
> the
> > > Proxy Recorder to record the basis of the script but I can't seem to
> > > get it to work. I am using JMeter 2.6 with Java6 but could upgrade
> > > either if need be.
> > >
> > > The problem appears to be that I am not
> > > passing a Client Certificate to the application server. The Proxy
> server
> > > is using default setting except for the HTTP Sampler setting - type
> > > which I have set to HttpClient3.1. I have modified the
> system.properties
> > > to include the following:
> > >
> > > javax.net.ssl.keyStore="C:/my_new_keystore.jks"
> > > javax.net.ssl.keyStorePassword=password
> > > javax.net.ssl.trustStore="C:/my_new_truststore.jks"
> > > javax.net.ssl.trustStorePassword=password
> > >
> > > The file my_new_keystore.jks contains the Client certificate required
> to
> > > authenticate as as a specific user.
> > > The file my_new_truststore.jks contains the SSL certificate of the
> server.
> > > Is this required?
> > >
> > > When recording the test I get the following error:
> > > javax.net.ssl.SSLException: java.lang.NullPointerException at
> > > sun.security.ssl.Alerts.getSSLException(Unknown Source) at
> > > sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
> > > sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
> > > sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
> > > sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
> > > sun.security.ssl.AppOutputStream.write(Unknown Source) at
> > > java.io.BufferedOutputStream.flushBuffer(Unknown Source) at
> > > java.io.BufferedOutputStream.flush(Unknown Source) at
> > >
> > >
> org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
> > > at
> > >
> > >
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
> > > at
> > >
> > >
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> > > at
> > >
> > >
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> > > at
> > >
> > >
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> > > at
> > >
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> > > at
> > >
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> > > at
> > >
> > >
> org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249)
> > > at
> > >
> > >
> org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
> > > at
> > >
> > >
> org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)
> > > at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:236)
> Caused
> > > by:
> > > java.lang.NullPointerException at
> > >
> > >
> org.apache.jmeter.util.keystore.JmeterKeyStore.getAlias(JmeterKeyStore.java:139)
> > > at
> > >
> > >
> org.apache.jmeter.util.JsseSSLManager$WrappedX509KeyManager.chooseClientAlias(JsseSSLManager.java:380)
> > > at sun.security.ssl.AbstractKeyManagerWrapper.chooseClientAlias(Unknown
> > > Source)
> > > at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source) at
> > > sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at
> > > sun.security.ssl.Handshaker.processLoop(Unknown Source) at
> > > sun.security.ssl.Handshaker.process_record(Unknown Source) at
> > > sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at
> > > sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
> at
> > > sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) ... 14 more
> > >
> > > Could anyone explain what else I am missing?
> > >
> > >
> > > Thanks,
> > >
> > > Frank
> > >
>
>
RE: Certificate Based Authentication
Posted by Frank Wilson <zo...@hotmail.com>.
Thanks Flávio
I removed the trust store config because it wasn't required and followed the steps you listed.
First I tried used the SSL Manager and Keystore configuration. In my logs I was getting the error listed below.The problem was due to my configuration of the Keystore Configuration, the start index was set to 1. My first (and only) certificate used an alias of 1 (which I believe is unrelated to the index). The Keystore Configuration uses a zero-based index.I have change this and everything is working fine. Finally I added the keystore back into my properties file again.
Regards,
Frank
2012/05/30 10:54:37 ERROR - jmeter.util.SSLManager: Problem loading keystore: No key(s) found java.lang.Exception: No key(s) found at org.apache.jmeter.util.keystore.JmeterKeyStore.load(JmeterKeyStore.java:100) at org.apache.jmeter.util.SSLManager.getKeyStore(SSLManager.java:126) at org.apache.jmeter.util.JsseSSLManager.createContext(JsseSSLManager.java:232) at org.apache.jmeter.util.JsseSSLManager.getContext(JsseSSLManager.java:198) at org.apache.jmeter.util.HttpSSLProtocolSocketFactory.getSSLSocketFactory(HttpSSLProtocolSocketFactory.java:105) at org.apache.jmeter.util.HttpSSLProtocolSocketFactory.createSocket(HttpSSLProtocolSocketFactory.java:149) at org.apache.commons.httpclient.HttpConnection.open(HttpConnection.java:707) at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:387) at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397) at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323) at org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054) at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1043) at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:416) at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:271) at java.lang.Thread.run(Unknown Source)
Regards,
> Date: Mon, 28 May 2012 10:27:26 -0300
> Subject: Re: Certificate Based Authentication
> From: flaviocysne@gmail.com
> To: user@jmeter.apache.org
>
> Have you tried with truststore configuration commented? Leave keystore as
> you configured.
> Truststore in JMeter 2.6, by default, is using trust all certificates
> policy, then there is no need to configure it.
>
> Have you tried without these configurations and adding the certificate on
> JMeter's SSL Manager and Keystore configuration component, to be sure that
> your personal certificate is valid?
>
> Be sure to add to keysore a valid .p12 or .pfx certificate, it has to
> contain your private key and not only your public key.
>
> Hope it helps you.
> Flávio Cysne
>
> 2012/5/28 Frank Wilson <zo...@hotmail.com>
>
> >
> > Hi all
> >
> > I'm trying to access a site that uses Certificate Based
> > Authentication (it also uses SSL encryption). I would like to set up the
> > Proxy Recorder to record the basis of the script but I can't seem to
> > get it to work. I am using JMeter 2.6 with Java6 but could upgrade
> > either if need be.
> >
> > The problem appears to be that I am not
> > passing a Client Certificate to the application server. The Proxy server
> > is using default setting except for the HTTP Sampler setting - type
> > which I have set to HttpClient3.1. I have modified the system.properties
> > to include the following:
> >
> > javax.net.ssl.keyStore="C:/my_new_keystore.jks"
> > javax.net.ssl.keyStorePassword=password
> > javax.net.ssl.trustStore="C:/my_new_truststore.jks"
> > javax.net.ssl.trustStorePassword=password
> >
> > The file my_new_keystore.jks contains the Client certificate required to
> > authenticate as as a specific user.
> > The file my_new_truststore.jks contains the SSL certificate of the server.
> > Is this required?
> >
> > When recording the test I get the following error:
> > javax.net.ssl.SSLException: java.lang.NullPointerException at
> > sun.security.ssl.Alerts.getSSLException(Unknown Source) at
> > sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
> > sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
> > sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
> > sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
> > sun.security.ssl.AppOutputStream.write(Unknown Source) at
> > java.io.BufferedOutputStream.flushBuffer(Unknown Source) at
> > java.io.BufferedOutputStream.flush(Unknown Source) at
> >
> > org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
> > at
> >
> > org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
> > at
> >
> > org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> > at
> >
> > org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> > at
> >
> > org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> > at
> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> > at
> > org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> > at
> >
> > org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249)
> > at
> >
> > org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
> > at
> >
> > org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)
> > at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:236) Caused
> > by:
> > java.lang.NullPointerException at
> >
> > org.apache.jmeter.util.keystore.JmeterKeyStore.getAlias(JmeterKeyStore.java:139)
> > at
> >
> > org.apache.jmeter.util.JsseSSLManager$WrappedX509KeyManager.chooseClientAlias(JsseSSLManager.java:380)
> > at sun.security.ssl.AbstractKeyManagerWrapper.chooseClientAlias(Unknown
> > Source)
> > at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source) at
> > sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at
> > sun.security.ssl.Handshaker.processLoop(Unknown Source) at
> > sun.security.ssl.Handshaker.process_record(Unknown Source) at
> > sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at
> > sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at
> > sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) ... 14 more
> >
> > Could anyone explain what else I am missing?
> >
> >
> > Thanks,
> >
> > Frank
> >
Re: Certificate Based Authentication
Posted by Flavio Cysne <fl...@gmail.com>.
Have you tried with truststore configuration commented? Leave keystore as
you configured.
Truststore in JMeter 2.6, by default, is using trust all certificates
policy, then there is no need to configure it.
Have you tried without these configurations and adding the certificate on
JMeter's SSL Manager and Keystore configuration component, to be sure that
your personal certificate is valid?
Be sure to add to keysore a valid .p12 or .pfx certificate, it has to
contain your private key and not only your public key.
Hope it helps you.
Flávio Cysne
2012/5/28 Frank Wilson <zo...@hotmail.com>
>
> Hi all
>
> I'm trying to access a site that uses Certificate Based
> Authentication (it also uses SSL encryption). I would like to set up the
> Proxy Recorder to record the basis of the script but I can't seem to
> get it to work. I am using JMeter 2.6 with Java6 but could upgrade
> either if need be.
>
> The problem appears to be that I am not
> passing a Client Certificate to the application server. The Proxy server
> is using default setting except for the HTTP Sampler setting - type
> which I have set to HttpClient3.1. I have modified the system.properties
> to include the following:
>
> javax.net.ssl.keyStore="C:/my_new_keystore.jks"
> javax.net.ssl.keyStorePassword=password
> javax.net.ssl.trustStore="C:/my_new_truststore.jks"
> javax.net.ssl.trustStorePassword=password
>
> The file my_new_keystore.jks contains the Client certificate required to
> authenticate as as a specific user.
> The file my_new_truststore.jks contains the SSL certificate of the server.
> Is this required?
>
> When recording the test I get the following error:
> javax.net.ssl.SSLException: java.lang.NullPointerException at
> sun.security.ssl.Alerts.getSSLException(Unknown Source) at
> sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
> sun.security.ssl.SSLSocketImpl.fatal(Unknown Source) at
> sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
> sun.security.ssl.SSLSocketImpl.handleException(Unknown Source) at
> sun.security.ssl.AppOutputStream.write(Unknown Source) at
> java.io.BufferedOutputStream.flushBuffer(Unknown Source) at
> java.io.BufferedOutputStream.flush(Unknown Source) at
>
> org.apache.commons.httpclient.HttpConnection.flushRequestOutputStream(HttpConnection.java:828)
> at
>
> org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2116)
> at
>
> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1096)
> at
>
> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
> at
>
> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
> at
> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
> at
>
> org.apache.jmeter.protocol.http.sampler.HTTPHC3Impl.sample(HTTPHC3Impl.java:249)
> at
>
> org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
> at
>
> org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1054)
> at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:236) Caused
> by:
> java.lang.NullPointerException at
>
> org.apache.jmeter.util.keystore.JmeterKeyStore.getAlias(JmeterKeyStore.java:139)
> at
>
> org.apache.jmeter.util.JsseSSLManager$WrappedX509KeyManager.chooseClientAlias(JsseSSLManager.java:380)
> at sun.security.ssl.AbstractKeyManagerWrapper.chooseClientAlias(Unknown
> Source)
> at sun.security.ssl.ClientHandshaker.serverHelloDone(Unknown Source) at
> sun.security.ssl.ClientHandshaker.processMessage(Unknown Source) at
> sun.security.ssl.Handshaker.processLoop(Unknown Source) at
> sun.security.ssl.Handshaker.process_record(Unknown Source) at
> sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source) at
> sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source) at
> sun.security.ssl.SSLSocketImpl.writeRecord(Unknown Source) ... 14 more
>
> Could anyone explain what else I am missing?
>
>
> Thanks,
>
> Frank
>