Jmeter certificate not working in most sites - firefox

After I installed the Jmeter Certificate I still see error for missing certificate. I can access few sites which I couldn't before installing the certificate, but still in most sites I get the error. I use FireFox and Jmeter 5.4.1. How to fix this errors after I already have installed certificate?

Your "not working" statement doesn't tell the full story, I can think of one possible reason:
You visited a web site over HTTPS protocol before installing JMeter's certificate
You're trying to open the same web site after installing JMeter certificate
Firefox detects certificates mismatch and prevents the website from opening
The easiest solution is to completely delete your browsing history or if you don't want to do this create a new "clean" Firefox profile which will be used just for recording purposes.
More information: Recording HTTPS Traffic with JMeter's Proxy Server
Also be aware of JMeter Chrome Extension, in this case you won't have to worry about proxies and certificates.

Related

java.net.SocketException: Software caused connection abort: recv failed **ensure browser is set to accept the JMeter proxy certificate**

I am using Jmeter 5.4.1 with Java 1_8_301 and Firefox 91.0. I have imported the ApacheJMeterTemporaryRootCA into Firefox browser and this certificate is generated today and valid.
I have set up proxy settings in my Firefox browser. This testing is done on Windows and my web application uses a client certificate which I converted through keytool into PKCS12 format and added the following to the system.properties under Jmeter-Home\bin
My web app is loading fine without proxy but when I try to record getting the below error.
java.net.SocketException: Software caused connection abort: recv failed **ensure browser is set to accept the JMeter proxy certificate**
I am not sure what I am missing here. I have been through all solutions mentioned in this regard and I am exhausted all my options now. I have been successful in recording using BlazeMeter but my company is not allowing me to use the Chrome extension for security reasons.
Note:
Also, I forgot to add that the Jmeter recording working fine before. Started noticing issues after our java
is upgraded from jdk_1.8.291 to jdk_1.8.301. I checked the difference
between the two and both support TLS1.2 which is what our app uses and tried
to downgrade to v291 didn't work either.
Log:
Problem with SSL certificate for URL for 'XXXXX'? Ensure browser is set to accept the JMeter proxy cert: java.net.SocketException: Software caused connection abort: recv failed
It's quite hard to say what's wrong without seeing your jmeter.log file with debug logging enabled for the HTTP(S) Test Script Recorder.
I can think of 2 options:
Double check the way you're importing the certificate into your browser, i.e. try recording a website with HTTPS without client certificate, i.e. https://example.com. If it fails - you will need to properly install the JMeter's certificate prior to proceeding with your application recording
If it will be successful for other HTTPS website but not for the particular your application most probably you need to import your client certificate into Firefox browser as well
As the last resort you can inspect the requests using Firefox "network" tab and generate relevant HTTP Request samplers manually. There is also BlazeMeter JMX Converter service which can transform HAR files into .JMX scripts but I think the same security restrictions will apply.

NET::ERR_CERT_AUTHORITY_INVALID Error with Chrome 66 using Apache JMeter as Proxy

Above mentioned privacy error is displaying while I tried to record some scenarios in Apache JMeter 4.0. I have installed ApacheJMeterTemporaryRootCA certificate in my local bin path of JMeter folder and imported in Trusted Root Certification Authorities folder in chrome.
And myself using Chrome : Version 66.0.3359.27 (Official Build) dev (32-bit) to recording purpose in JMeter. Also given 8080 as a port number in both proxy settings in chrome and JMeter - Test Script Recorder.
Still can't understand why I can't record several actions, as I did same thing in previous versions of Apache JMeter. So please let me know the solution for it.
You can use the following workarounds:
Just type badidea anywhere in the page and you will be able to proceed.
Launch Chrome with --ignore-certificate-errors command-line argument
Switch to alternative way of recording a JMeter test using i.e. JMeter Chrome Extension, in this case you won't have to worry about configuring proxies and/or SSL certificates.

Record HTTPS requests of a mobile IOS/Android application with JMeter

Is it possible to record httpS requests of a native app (IOS or Android) with JMeter? I tried some ways that I found but, I've not resolved the problem..
Use jmeter 3 with Java 7 or 8, it creates a crt file in jmeter/bin folder. It is the CA that creates the certificates.
Send this file by mail and open it in Android / iOS then install it.
In test script recorder, put in the dedicated field HTTPS domains , the domains you are trying to hit, see:
-http://jmeter.apache.org/usermanual/component_reference.html#HTTP(S)_Test_Script_Recorder
Restart Ipad/Android and jmeter test script recorder and try again.
to do this, you have to make your device trust the Jmeter Proxy CA.
So, you have to import the Jmeter CA certificate from
$JmeterHome/bin/ApacheJMeterTemporaryRootCA.crt
into the device.
I remember this is an area where things improved a lot recently, so be sure to have the last version installed.
Try deleting ApacheJMeterTemporaryRootCA.crt, JMeter's self-signed certificates have very limited life time (I recall something like 1 week), so if your certificate is older you might have problems installing it into browsers and/or mobile devices or it won't decrypt SSL traffic. The file will be re-created next time you start HTTP(S) Test Script Recorder
There is an alternative way of recording the mobile traffic by using your personal cloud proxy. Moreover, it will perform automatic correlation for you so you won't have to worry not only about SSL certificates, but also about Regular Expression extractor, JMeter Variables, etc. Check out How to Cut Your JMeter Scripting Time by 80% article for details.
If none of the above helps, take the following troubleshooting steps:
Add View Results Tree listener as a child of the HTTP(S) Test Script Recorder. In case of any problems with the recording a request it should display the error details.
Check your mobile device logs during failed certificate installation attempt. You may need to install Android and iOS developer tools for this.
Make sure that your application is really uses HTTP or HTTPS protocols as JMeter supports only these 2.

Jmeter Probably waiting for user to authorize the certificate

All
When i am trying to record https urls with jmeter, i am getting below message in log:
jmeter.protocol.http.proxy.Proxy: [64432] Empty response to http over SSL. Probably waiting for user to authorize the certificate for XXXXXXX:443.
Its not loading any pages of our application.
Can anyone please help me how to resolve this issue?Thanks
Theju
First read:
http://jmeter.apache.org/usermanual/jmeter_proxy_step_by_step.pdf
http://jmeter.apache.org/usermanual/component_reference.html#HTTP%28S%29_Test_Script_Recorder
Among resolutions for your issue:
Install in the browser as described in documentation the Fake Certification Authority created by JMeter
Call https URL in the browser and accept certificate, then start recording your scenario
Have you added JMeter's self-signed certificate to browser's exception list?
If so - try removing the certificate and starting over.
For other troubleshooting options and recommendations see Recording HTTPS Traffic with JMeter's Proxy Server guide.
I suggest using SmartMeter Recorder. You will avoid all isues with setting up the proxy. SmartMeter Recorder uses its own Chrome plugin and works out of the box. Read the article for more info.
First of all for performance testing you should have application setup without the certificates otherwise you are testing results will differ. Your objective should be to test actual calls and those should be isolated.
If you still insist doing with certificate then you need to register JMeter certificate with browser which you are using for recording. You can find that in JMeter bin directory. Just register with your browser which you are using fir recording.

JMeter "Content encoding Error" when using FireFox and HTTP(S) Test Script recorder

I am trying to configure Mozilla Firefox for JMeter 5 and as I am setting up manual proxy in Firefox and same proxy number in JMeter.
I installed the special certificate.
My Firefox is showing error as "Content encoding Error", when I open https://www.google.com website.
This is due to Brotli Encoding not being supported by JMeter Test Script Recorder in versions <= 5.0.
See:
https://bz.apache.org/bugzilla/show_bug.cgi?id=62842
The bug is now fixed in nightly build and in upcoming 5.1 version of JMeter.
To workaround, in Firefox, type about:config and input Content-Encoding:
Then remove br from the algorithms accepted.
Don't load test public applications unless you're a member of their QA team or have an explicit permission from the application owner. Most probably you will be at least stopped by DDoS protection mechanisms and your IP will be simply blacklisted which may cause problems for your neighbours if you're behind an ISP NAT.
Whenever JMeter fails to record something try out an alternative way - JMeter Chrome Extension which is a convenient way of intercepting browser traffic without having to configure proxy servers and installing certificates.

Resources