You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@jmeter.apache.org by Smruti Koyande <sm...@cateina.com> on 2022/07/15 05:40:28 UTC
Certificate error while running test
Hi,
I am getting the below error while running JSR223 Sampler. It just sends
one simple GET API request.
[image: image.png]
[image: image.png]
Regards,
Smruti Koyande
Re: Certificate error while running test
Posted by Deepak Goel <de...@gmail.com>.
The error is not clearly visible in the image shared by you.
Deepak
"The greatness of a nation can be judged by the way its animals are treated
- Mahatma Gandhi"
+91 73500 12833
deicool@gmail.com
Facebook: https://www.facebook.com/deicool
LinkedIn: www.linkedin.com/in/deicool
"Plant a Tree, Go Green"
Make In India : http://www.makeinindia.com/home
On Fri, Jul 15, 2022 at 12:43 PM Dmitri T <gl...@live.com> wrote:
> The error means that there is a problem with SSL certificate of the system
> you're testing.
>
> The reasons could be numerous:
>
> 1. Certificate has expired
> 2. Host mismatch
> 3. Self-signed
> 4. Untrusted
> 5. Revoked
> 6. Incomplete chain
> 7. etc.
>
> You can work it around either by importing the certificate of the endpoint
> you're testing into the truststore
> <https://www.baeldung.com/java-keystore-truststore-difference>and point
> JMeter to use this truststore via *javax.net.ssl.trustStore* system
> property. Truststore password can be set by
> *javax.net.ssl.trustStorePassword* system property. See Apache JMeter
> Properties Customization Guide
> <https://www.blazemeter.com/blog/jmeter-properties-customization> for
> more details.
>
> Another option is add the following snippet before you open the connection
> in your Groovy code:
>
>
> import javax.net.ssl.SSLContext;import javax.net.ssl.X509TrustManager;import javax.net.ssl.HttpsURLConnection;
> class TrustManager implements X509TrustManager {
> public java.security.cert.X509Certificate[] getAcceptedIssuers() { return null; }
> public void checkClientTrusted(java.security.cert.X509Certificate[] certs, String authType) { }
> public void checkServerTrusted(java.security.cert.X509Certificate[] certs, String authType) { }
> }
>
> TrustManager[] trustAllCerts = new TrustManager[1]
> trustAllCerts[0] = new TrustManager()SSLContext sc = SSLContext.getInstance("SSL");
> sc.init(null, trustAllCerts, new java.security.SecureRandom());
> HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
>
> and the error should go away.
>
> And the best (in my opinion) way is to use JMeter's HTTP Request <https://jmeter.apache.org/usermanual/component_reference.html#HTTP_Request> sampler, as per documentation <https://jmeter.apache.org/usermanual/get-started.html#opt_ssl>:
> *The JMeter HTTP samplers are configured to accept all certificates,
> whether trusted or not, regardless of validity periods, etc.*
> This is to allow the maximum flexibility in testing servers.
>
> Moreover you will get way more metrics like connect time, latency, hits per second, etc. out of the box so the process of results analysis will be easier.
>
>
>
> On 7/15/2022 7:40 AM, Smruti Koyande wrote:
>
> Hi,
>
> I am getting the below error while running JSR223 Sampler. It just sends
> one simple GET API request.
>
> [image: image.png]
>
> [image: image.png]
>
>
> Regards,
> Smruti Koyande
>
>
Re: Certificate error while running test
Posted by Dmitri T <gl...@live.com>.
The error means that there is a problem with SSL certificate of the
system you're testing.
The reasons could be numerous:
1. Certificate has expired
2. Host mismatch
3. Self-signed
4. Untrusted
5. Revoked
6. Incomplete chain
7. etc.
You can work it around either by importing the certificate of the
endpoint you're testing into the truststore
<https://www.baeldung.com/java-keystore-truststore-difference>and point
JMeter to use this truststore via *javax.net.ssl.trustStore* system
property. Truststore password can be set by
*javax.net.ssl.trustStorePassword* system property. See Apache JMeter
Properties Customization Guide
<https://www.blazemeter.com/blog/jmeter-properties-customization> for
more details.
Another option is add the following snippet before you open the
connection in your Groovy code:
|import javax.net.ssl.SSLContext; import javax.net.ssl.X509TrustManager;
import javax.net.ssl.HttpsURLConnection; class TrustManager implements
X509TrustManager { public java.security.cert.X509Certificate[]
getAcceptedIssuers() { return null; } public void
checkClientTrusted(java.security.cert.X509Certificate[] certs, String
authType) { } public void
checkServerTrusted(java.security.cert.X509Certificate[] certs, String
authType) { } } TrustManager[] trustAllCerts = new TrustManager[1]
trustAllCerts[0] = new TrustManager() SSLContext sc =
SSLContext.getInstance("SSL"); sc.init(null, trustAllCerts, new
java.security.SecureRandom());
HttpsURLConnection.setDefaultSSLSocketFactory(sc.getSocketFactory());
and the error should go away. And the best (in my opinion) way is to use
JMeter's HTTP Request
<https://jmeter.apache.org/usermanual/component_reference.html#HTTP_Request>
sampler, as per documentation
<https://jmeter.apache.org/usermanual/get-started.html#opt_ssl>: |
|*The JMeter HTTP samplers are configured to accept all certificates,
whether trusted or not, regardless of validity periods, etc.* This is to
allow the maximum flexibility in testing servers. Moreover you will get
way more metrics like connect time, latency, hits per second, etc. out
of the box so the process of results analysis will be easier. |
On 7/15/2022 7:40 AM, Smruti Koyande wrote:
> Hi,
>
> I am getting the below error while running JSR223 Sampler. It
> just sends one simple GET API request.
>
> image.png
>
> image.png
>
>
> Regards,
> Smruti Koyande
>
RE: Certificate error while running test
Posted by Jo...@wellsfargo.com.INVALID.
The trust store used by JMeter probably does not contain the certificate authority that signed the server’s certificate.
If you’re unsure which CA it is, just hit the endpoint in your browser.
By default, JMeter users the JDK’s trust store. If you’re hitting an internal server with a cert signed by your company’s own CA, you’ll need to add it to your trust store or create a new trust store and tell JMeter to use it.
From: Smruti Koyande <sm...@cateina.com>>
Date: Friday, Jul 15, 2022, 12:41 AM
To: JMeter Users List <us...@jmeter.apache.org>>
Subject: Certificate error while running test
Hi,
I am getting the below error while running JSR223 Sampler. It just sends one simple GET API request.
[image.png]
[image.png]
Regards,
Smruti Koyande