In Jmeter 2.13 am not able to start recording , am getting error not allowing me to record through Jmeter.
ERROR: Could not create script recorder -see log for details
Illegal option: -ext
Try keytool -help
'keytool -genkeypair -alias: root_ca: -dname "CN=_DO_NOT_INSTALL unless this is your certificate (JMeter root CA), OU=Username: , C=US" -keyalg RSA -keystore proxyserer.jks ..........
Please tell me how to resolve this error
Thanks in advance
Error Snapshot
You should upgrade to JDK 7 or higher to get rid of this error.
I would also recommend considering upgrading to the latest JMeter version (currently it is JMeter 3.1) as newer JMeter versions contain not only new features, but a lot of performance improvements and bug fixes.
Related
Is there any example/tutorial to build and configure TLS-secured restful service using quarkus.io?
Unfortunately I can not find one neither at quarkus documentation, no here.
Thanks mr. Guillaume Smet, I found the solution. Here is "from zero to hello in 5 minutes with Quarkus and SSL guide". This is done by quarkus undertow plugin. Also you will need text editor, jdk 1.8+ and maven installed.
Frist, create the project.
mkdir restls
cd restls
mvn io.quarkus:quarkus-maven-plugin:create -DprojectGroupId=org.acme -DprojectArtifactId=restls -DclassName="org.acme.HelloResource" -Dpath="/hello" -Dextensions="undertow"
Open your application config file src/main/resources/application.properties with any editor and add lines:
quarkus.http.port=80
quarkus.http.ssl-port=443
quarkus.http.ssl.certificate.key-store-file=keystore.jks
Create keystore containing self-signed certificate (answer all questions and specify password namelly "password"):
keytool -genkey -keyalg RSA -alias selfsigned -keystore keystore.jks -storepass password -validity 365 -keysize 2048
The file keystore.jks must be in the src/main/resources/ folder.
Build the project:
mvnw clean package quarkus:build
Now try it out:
java -jar target/restls-1.0-SNAPSHOT-runner.jar
Navigate to https://localhost/hello and allow your browser to trust certificate. That's all.
You can override options in invocation time like this:
java -Dquarkus.http.ssl.certificate.key-store-file=/path-to-keystore/keystore-name.jks -jar target/restls-1.0-SNAPSHOT-runner.jar
Finally, here is the concerning options list:
quarkus.http.ssl.certificate.file -- The file path to a server certificate or certificate chain in PEM format.
quarkus.http.ssl.certificate.key-file -- The file path to the corresponding certificate private key file in PEM format.
quarkus.http.ssl.certificate.key-store-file -- An optional key store which holds the certificate information instead of specifying separate files.
quarkus.http.ssl.certificate.key-store-file-type -- An optional parameter to specify type of the key store file. If not given, the type is automatically detected based on the file name.
You can specifiy either certificate + key files in PEM format or keystore.
It is indeed supported by our Undertow extension but, unfortunately, not documented.
You can define things like the following:
quarkus.http.ssl.certificate.file=...
quarkus.http.ssl.certificate.key-file=...
...
in your application.properties.
The config entry point is ServerSslConfig (see https://github.com/quarkusio/quarkus/blob/master/core/runtime/src/main/java/io/quarkus/runtime/configuration/ssl/ServerSslConfig.java#L41). You then add the nested properties with dots and transform camel-case to dashes.
If you want to build a native executable, there's a good chance you will have to add quarkus.ssl.native=true too.
If you have feedback or if you want to contribute a guide for that, feel free to join us on Zulip or open issues/PRs on GitHub.
I am following an article here, where it described how to use a cipher to encrypt spring boot application properties.
So based on the instruction, I downloaded and placed the JCE Java Cryptography Extension (JCE) files.
Then I created a keystore,
keytool -genkeypair -alias mytestkey -keyalg RSA
-dname "CN=Web Server,OU=Unit,O=Organization,L=City,S=State,C=US"
-keypass changeme -keystore server.jks -storepass letmein
-validity 365
After that, I copied the server.jks file in the Spring project resource folder and add the following properties to the bootstrap.properties file located under resource folder as well.
The content of the bootstrap.properties file looks as below:
encrypt.key-store.location: classpath:/server.jks
encrypt.key-store.password=letmein
encrypt.key-store.alias=mytestkey
encrypt.key-store.secret=changeme
Now when I run the application, I can easily encrypt or decrypt by making POST call to "http://localhost/encrypt" and "http://localhost/decrypt" endpoints.
And I can encrypt or decrypt successfully in the code using the TextEncryptor as well.
However when I encrypt some value and add the encrypted value to the application.properties, as shown below:
messageinfo={cipher}AQBt2RnIRqX1UrHGfvcJpQhfurqbxjGEgeHh....
When I run the application again I get
java.lang.IllegalStateException: Cannot decrypt: key=messageinfo
javax.crypto.BadPaddingException: Decryption error
I am not sure, how I can resolve this issue, any help appreciated.
I have managed to find the issue, it was issue related to Java environment, I had multiple Java SDK installed on my box, My JAVA_HOME (and PATH) was pointing to Java 11 SDK, so when I used the keytool to generate key, it was using Java 11.
However in my Spring Studio, it was pointing to Java 8 SDK, so when I ran the project it used the Java 8 to read and decrypt.
So After:
Uninstalled Java 11
Changed the JAVA_HOME (and PATH) to point to Java 8 SDK
Regenerated key using keytool
It started working fine.
All I get is javax.net.ssl.SSLHandshakeException: no cipher suites in common.
This is how to reproduce the behavior:
go to http://start.spring.io and add "Reactive Web" as dependency for Spring 2.0.1
unpack the archive
run keytool -genkeypair -keystore demo/src/main/resources/keystore.jks
Choose a password
Hit return as long as [Unknown] is the default, enter Yes when asked if CN=Unknown, OU=Unknown, ... is correct.
Use the same password for the key as for the keystore
add the following to application.properties
server.ssl.key-store=classpath:keystore.jks
server.ssl.key-store-password=<my-secure-pwd>
build and run the application
run curl https://localhost:8080
This is my first time adding SSL to a Spring Boot application and I think that something must be wrong - but I've no idea what. Maybe anyone of you could provide some help? Thanks!
Ok, turns out that you need to set the key algorithm to RSA in order to make this work.
keytool -genkeypair -keyalg RSA -keystore src/main/resources/keystore.jks
I recently downloaded and installed Jmeter 2.11. afterwards I tried the record functionality of the program, but that resulted in an error message:
“Could not create script recording proxy – see log for detail”.
I have try modifying the “environment variables”, but that does not help.
In the Log from the application the following message was shown.
2014/08/19 10:23:02 WARN - jmeter.protocol.http.proxy.ProxyControl: Could not open/read key store C:\apache-jmeter-2.11\bin\proxyserver.jks (The system cannot find the file specified)
2014/08/19 10:23:02 INFO - jmeter.protocol.http.proxy.ProxyControl: Creating Proxy CA in C:\apache-jmeter-2.11\bin\proxyserver.jks
2014/08/19 10:23:02 ERROR - jmeter.protocol.http.proxy.ProxyControl: Could not initialise key store java.io.IOException: Command :'keytool -genkeypair -alias :root_ca: -dname "CN=_ DO NOT INSTALL unless this is your certificate (JMeter root CA), OU=Username: TATG, C=US" -keyalg RSA -keystore proxyserver.jks -storepass {redacted) -keypass {redacted) -validity 7 -ext bc:c' failed, code: 1
Illegal option: -ext
Try keytool -help
at org.apache.jorphan.exec.KeyToolUtils.genkeypair(KeyToolUtils.java:168)
at org.apache.jorphan.exec.KeyToolUtils.generateProxyCA(KeyToolUtils.java:230)
I notice the proxyserver.jks is missing under the bin directory.
How can I resolve this problem or get a copy of this file(ie. hack the directory)?
Read this, it answers exactly this issue:
https://wiki.apache.org/jmeter/TestRecording210
We are running into SSL handshake issues with APNS on IBM worklight 6.1 running on CentOS 6.
We do not face any SSL related issues on Mac probably due to the fact that the required p12 cert is already present in the keychain on the OS.
The error encountered is:
com.notnoop.apns.internal.ApnsFeedbackConnection Failed to retreive invalid devices
javax.net.ssl.SSLHandshakeException: com.ibm.jsse2.util.j: End user tried to act as a CA
We have place the generated p12 file in the "apps" directory of worklight.
Not sure if this is the right way and worklight will pick this up.
We have verified that the p12 and the corresponding generated .pem file is fine by executing the following command and getting a "CONNECTED" response from apple servers:
openssl s_client -connect gateway.sandbox.push.apple.com:2195 -cert apns-dev-cert.pem -debug -showcerts -CAfile server-ca-cert.pem
Which makes me think that worklight may not be finding the correct p12 cert.
Also as we've read, worklight uses the "notnoop" library for APNS communication; and notnoop requires the location of the p12 to be defined.
Where do we specify this path? Is it in some configuration file of worklight?
Thanks!
If you are using IBM JDK 7, then it is a known bug which is fixed in IBM JDK 7.0.0 SR6. Either you can try with IBM JDK 7 SR6 onwards OR try replacing jre\lib\security\cacerts file in JDK 7 with jre\lib\security\cacerts file in JDK 6
Reference: http://www-01.ibm.com/support/docview.wss?uid=swg1IV43936