Jmeter client certificate setting gives 403 error - jmeter

Im using apache jmeter 5.3
My remote service requires client certificate when making calls.
I followed the steps pointed in this article[1] (Options-->SSL manager , and selected my cert, provided password)
But still I get 403. Anyone can help?
Same certificate is working when I configure it via Postman.
[1]https://jmeter.apache.org/usermanual/component_reference.html#SSL_Manager

HTTP Status code 403 means "Forbidden", in other words:
The server recognizes the user as the valid one (authentication passes)
However the server doesn't allow the user to access the particular resource (authorization fails)
Also be aware that SSL Manager will work in GUI mode only, if you're running your test in command-line non-GUI mode you will need to put the path to the keystore and the password into system.properties file, see How to Set Your JMeter Load Test to Use Client Side Certificates article for more details.
In case of problems take a look at jmeter.log file, normally it contains sufficient amount of troubleshooting information, if it doesn't - your can always increase log level verbosity for the component(s) you're interested in.

Related

Jmeter Script recorder with Firefox not letting user bypass Authentication

I have an issue I'm facing which Jmeter Script recorder and Firefox browser in Windows 10.
I have managed to add a project in Jmeter with the Recorder template and imported the generated
Certificate into the Firefox browser and also changed the proxy settings to point to the port
I have in Jmeter Test script recorder (8888) by changing the proxy to manual configuration.
But when I start recording I get to a point in where I need to authenticate myself at a certain point in a webpage (a prompt showing up) and I also enter the correct credentials but it just keeps redirecting back to the prompt all over again so I can't bypass it.
Are there settings I should change in some of the Jmeter properties files?
I need to say that the computer I'm trying this with has proxy settings which are fixed and cant be changed when looking into wifi settings in control panel
JMeter provides HTTP Authorization Manager to deal with external authentication types like
basic HTTP
NTLM
Kerberos
So if you want to record the end-to-end flow you need to add properly configured HTTP Authorization Manager to your recording template test plan. The configuration details will differ depending on the server configuration, see Windows Authentication with Apache JMeter article for more details (you will need this setup in any case for replaying the recorded scripts)
Alternative solutions:
Disable proxy for this particular login request like:
Record all the steps including login - it will produce relevant HTTP Request samplers
Disable proxy
Perform login
Enable proxy
Continue recording
Use a 3rd-party recording solution like JMeter Chrome Extension

SSL Handshake Exception while Load test using Jmeter in Jenkins

Hi I am integrating the Jmeter with the opeshift pipeline using Jenkins to test my API(https). When the Jmeter is trying to send the request to the API I am getting following error:
Non HTTP response code: javax.net.ssl.SSLHandshakeException - Non HTTP response message: java.security.cert.CertificateException: No name matching <> found
I have tried steps to ignore the SSL certificate verification but I am unable to bypass the process.
I have created a spring boot project to run the load test as a pipeline. I am using <groupId>com.lazerycode.jmeter</groupId> and using the the jmeter file with extension .jmx to run in jenkins.
As per SSL Encryption chapter of JMeter Documentation:
The JMeter HTTP samplers are configured to accept all certificates, whether trusted or not, regardless of validity periods, etc. This is to allow the maximum flexibility in testing servers.
If the server requires a client certificate, this can be provided.
So by default JMeter will trust all certificates no matter of their validity, incomplete chain, subject not matching dns hostname, etc.
If might be the case that your application requires JMeter to send client certificate for security reasons, it can be done either using SSL Manager or providing the relevant system properties pointing to the keystore where the certificate lives. See How to Set Your JMeter Load Test to Use Client Side Certificates article for more details

JMeter recording - 'ERR_SSL_PROTOCOL_ERROR' and 'Software caused connection abort: socket write error'

I'm new in JMeter and my topic seems to be very similar to another ones already existing. However, it is not - I was trying already all the solutions for the errors that I get and nothing works :/
I have already set up all proxy settings and certificates, and it's working fine (with the same settings) on the other VM.
Outside the recording, I can see proper 'No Internet' warning:
enter image description here
However, once started recording, there are errors in the console and the front end of the application does not look like originally:
enter image description here
Please help! I've already done all the recommendations for clearing caches, SSL, removing files in Windows32 archive and so on...
You should try recording your script using Blazemeter Chrome Extension. Hope, this resolve your issue.
It might be the case there are differences in machines themselves, not in JMeter settings, for example this No Internet message most probably means that the browser is connected to JMeter's proxy server, but JMeter itself cannot connect to the internet.
Try creating a simple manual Test Plan with a single HTTP Request sampler to open http://example.com website. If the request will be successful - you will need to double check your browser and JMeter configuration. However if you get the UnknownHostException instead it may mean that:
Networking configuration of the machine is incorrect (it cannot access the Internet)
The machine requires an upstream Proxy server in order to be able to access Internet resources so you will need to make JMeter aware of this proxy server by passing appropriate command line arguments to the JMeter startup script:
jmeter -E https -H my.proxy.server -P 8000 -u username -a password -N localhost
in order to make the changes permanent you can define:
http.proxyScheme
http.proxyHost
http.proxyPort
https.proxyHost
https.proxyPort
in system.properties file and http.proxyDomain in user.properties file, check out Apache JMeter Properties Customization Guide for more information on JMeter properties and ways of setting and overriding them

Why website is not accessible by clicking on login button while recording it with proxy server using Jmeter?

I have set up a proxy server and trying to record a script by adding "http script recorder", but the problem is I am able to access a website but not able to login.
my website has been loaded but once I enter credentials and click on the login button then a website is not behaving, login button also not responding.
In case of any problems with JMeter first of all you should look at jmeter.log file, if anything goes wrong JMeter normally writes an error message to this log file which in majority of cases is enough to get to the bottom of the issue.
With regards to your problem, my expectation is that login normally uses HTTPS protocol and you need to perform some extra configuration so JMeter would be able to intercept and decrypt HTTPS traffic.
You need to install JMeter's self-signed certificate to your browser, the file is called ApacheJMeterTemporaryRootCA.crt and it's being generated in "bin" folder of your JMeter installation when you start JMeter proxy.
You just need to import it into your browser and it should resolve you issue. Follow your browser documentation to learn more about certificates installation processes, some hints are also given in the HTTPS recording and certificates chapter of the HTTP(S) Test Script Recorder JMeter User Manual entry.
Alternative way is using JMeter Chrome Extension, in this case you won't have to worry about proxies and certificates so the recording process will be faster and easier.

Jmeter Probably waiting for user to authorize the certificate

All
When i am trying to record https urls with jmeter, i am getting below message in log:
jmeter.protocol.http.proxy.Proxy: [64432] Empty response to http over SSL. Probably waiting for user to authorize the certificate for XXXXXXX:443.
Its not loading any pages of our application.
Can anyone please help me how to resolve this issue?Thanks
Theju
First read:
http://jmeter.apache.org/usermanual/jmeter_proxy_step_by_step.pdf
http://jmeter.apache.org/usermanual/component_reference.html#HTTP%28S%29_Test_Script_Recorder
Among resolutions for your issue:
Install in the browser as described in documentation the Fake Certification Authority created by JMeter
Call https URL in the browser and accept certificate, then start recording your scenario
Have you added JMeter's self-signed certificate to browser's exception list?
If so - try removing the certificate and starting over.
For other troubleshooting options and recommendations see Recording HTTPS Traffic with JMeter's Proxy Server guide.
I suggest using SmartMeter Recorder. You will avoid all isues with setting up the proxy. SmartMeter Recorder uses its own Chrome plugin and works out of the box. Read the article for more info.
First of all for performance testing you should have application setup without the certificates otherwise you are testing results will differ. Your objective should be to test actual calls and those should be isolated.
If you still insist doing with certificate then you need to register JMeter certificate with browser which you are using for recording. You can find that in JMeter bin directory. Just register with your browser which you are using fir recording.

Resources