You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jmeter-dev@jakarta.apache.org by bu...@apache.org on 2002/09/24 14:42:42 UTC

DO NOT REPLY [Bug 12955] New: - SSLManager does not read ClientCertificates

DO NOT REPLY TO THIS EMAIL, BUT PLEASE POST YOUR BUG 
RELATED COMMENTS THROUGH THE WEB INTERFACE AVAILABLE AT
<http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12955>.
ANY REPLY MADE TO THIS MESSAGE WILL NOT BE COLLECTED AND 
INSERTED IN THE BUG DATABASE.

http://nagoya.apache.org/bugzilla/show_bug.cgi?id=12955

SSLManager does not read ClientCertificates

           Summary: SSLManager does not read ClientCertificates
           Product: JMeter
           Version: 1.7.3
          Platform: Other
        OS/Version: Other
            Status: NEW
          Severity: Normal
          Priority: Other
         Component: Main
        AssignedTo: jmeter-dev@jakarta.apache.org
        ReportedBy: daniel.giebener@helaba.de


Hi,
with a selfmade patch to jmeter's DefaultKeyStore I finally have 
success to use jmeter on a SSL Site with ClientCert-Authentication. Wow !!

I used JDK1.4.0

here's the bugfix in org/apache/jmeter/util/keystore/DefaultKeyStore.java

public void load(InputStream is, String pword)
    throws Exception {
        store.load(is, pword.toCharArray());
        PrivateKey key = null;
        X509Certificate[] certChain = null;
        
        Enumeration aliases = store.aliases(); 
        while (aliases.hasMoreElements()) 
        {
            //I have added this line
            this.alias = (String) aliases.nextElement(); // <---- this is new 
            if (store.isKeyEntry(alias)) 
            {
                key = (PrivateKey) store.getKey(alias, pword.toCharArray());
                Certificate[] chain = store.getCertificateChain(alias);
                certChain = new X509Certificate[chain.length];

// I have removed this line
//                this.alias = (String) aliases.nextElement();

                for (int i = 0; i < chain.length; i++) {
                    certChain[i] = (X509Certificate) chain[i];
                }
                break;
            }
        }


It was quite hard to find that bug, it was a nullpointer exception,
because in org/apache/jmeter/util/SSLManager at getKeyStore()
it catches all exceptions made by the DefaultKeyStore 
but does not log it. I would suggest log that exceptions.

            try {
                File initStore = new File(fileName);

                if (initStore.exists()) {
                    try {
                        this.keyStore.load(new FileInputStream(initStore), 
password);
                    } catch (Exception e) {
                        throw new RuntimeException("Can't load KeyStore!!!  " + 
e.getMessage());
                    }
                } else {
                    this.keyStore.load(null, password);
                }
            } catch (Exception e) {

//<<--- !! this two lines are new !!!
               System.out.println("error while loading:"+e);
               e.printStackTrace();
            }

the same thing where it loads the trustedcerts at getTrustStore().

Thank you very much for your great work, I love this piece of software.

Dan

--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>