jmeter Received fatal alert: bad_record_mac https site - https

I'm new here, I'm having this issue using JMeter proxy while I'm trying to open a site https, it only occurs with the login page, the other pages load correctly, any help? Thanks!
I'm using jmeter proxy and the browser is firefox.
javax.net.ssl.SSLException: Received fatal alert: bad_record_mac
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.Alerts.getSSLException(Unknown Source)
at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)
at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:436)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:643)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.executeRequest(HTTPHC4Impl.java:481)
at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:298)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:74)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1105)
at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:236)

It looks like that your jmeter configuration doesn't match your server configuration. This error usually indicates that SSLv3 enabled server is being tested using wrong SSL protocol from JMeter load generator side.
As far as I recall it defaults to TLS and it can be changed i.e. by adding following line to user.properties file which resides under /bin folder of your JMeter installation:
https.default.protocol=SSLv3
Alternatively you can launch JMeter providing this property as a command-line argument to JMeter startup script as follows:
jmeter -Jhttps.default.protocol=SSLv3 -n -t your.script.jmx -l your.script.log.jtl
See Apache JMeter Properties Customization Guide for more information on JMeter Properties and ways to play with them.
Hope this helps.

I assume you get this error while running/executing your test and not while recording the login scenario.
please check the following:
Click on the HTTP sampler for Login request
Check the PORT Number, since it is an https request it should be generally 443.
Hope this will help.

Related

Getting error - "java.io.IOException: Premature EOF" in JMeter

I am using JMeter 5.4.1, where I am using a HTTP request for Post API call. I am getting the error - "java.io.IOException: Premature EOF".
Keep-Alive is checked. Timeouts are also set to 60 Seconds. I am using single thread.
What is the solution to get raid of this?
java.io.IOException: Premature EOF
at sun.net.www.http.ChunkedInputStream.readAheadBlocking(Unknown Source)
at sun.net.www.http.ChunkedInputStream.readAhead(Unknown Source)
at sun.net.www.http.ChunkedInputStream.read(Unknown Source)
at java.io.FilterInputStream.read(Unknown Source)
at sun.net.www.protocol.http.HttpURLConnection$HttpInputStream.read(Unknown Source)
at org.apache.commons.io.input.ProxyInputStream.read(ProxyInputStream.java:102)
at java.io.BufferedInputStream.read1(Unknown Source)
at java.io.BufferedInputStream.read(Unknown Source)
at java.io.FilterInputStream.read(Unknown Source)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.readResponse(HTTPSamplerBase.java:1936)
at org.apache.jmeter.protocol.http.sampler.HTTPAbstractImpl.readResponse(HTTPAbstractImpl.java:530)
at org.apache.jmeter.protocol.http.sampler.HTTPJavaImpl.readResponse(HTTPJavaImpl.java:296)
at org.apache.jmeter.protocol.http.sampler.HTTPJavaImpl.sample(HTTPJavaImpl.java:567)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:66)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1296)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1285)
at org.apache.jmeter.threads.JMeterThread.doSampling(JMeterThread.java:638)
at org.apache.jmeter.threads.JMeterThread.executeSamplePackage(JMeterThread.java:558)
at org.apache.jmeter.threads.JMeterThread.processSampler(JMeterThread.java:489)
at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:256)
at java.lang.Thread.run(Unknown Source)
It's hard to say what's wrong, looking into the error it seems that you're getting an incomplete response.
If you can successfully execute this API call using browser or other API testing tool like SoapUI - make sure that JMeter sends the same HTTP Headers via HTTP Header Manager
You can also increase JMeter debug logging verbosity by adding the next line to log4j2.xml file
<Logger name="org.apache.jmeter.protocol.http" level="debug" />
JMeter restart will be required to pick the change up, once done you can check jmeter.log file for any suspicious entries
And last but not the least try switching to HttpClient4 implementation, the setting lives at "Advanced" tab of the HTTP Request sampler

Not able to record power bi embedding web application in JMeter .app.powerbi.com is throwing error

I am using Apache JMeter 5.3. I am facing issue when my application points connects to https://app.powerbi.com using proxy. I tried using behind the proxy, it didnt help.
Please help me with the error message
Error Message:
java.net.UnknownHostException: app.powerbi.com
at java.net.Inet6AddressImpl.lookupAllHostAddr(Native Method)
at java.net.InetAddress$2.lookupAllHostAddr(Unknown Source)
at java.net.InetAddress.getAddressesFromNameService(Unknown Source)
at java.net.InetAddress.getAllByName0(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at java.net.InetAddress.getAllByName(Unknown Source)
at org.apache.http.impl.conn.SystemDefaultDnsResolver.resolve(SystemDefaultDnsResolver.java:45)
at org.apache.http.impl.conn.DefaultHttpClientConnectionOperator.connect(DefaultHttpClientConnectionOperator.java:112)
at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl$JMeterDefaultHttpClientConnectionOperator.connect(HTTPHC4Impl.java:401)
at org.apache.http.impl.conn.PoolingHttpClientConnectionManager.connect(PoolingHttpClientConnectionManager.java:376)
at org.apache.http.impl.execchain.MainClientExec.establishRoute(MainClientExec.java:393)
at org.apache.http.impl.execchain.MainClientExec.execute(MainClientExec.java:236)
at org.apache.http.impl.execchain.ProtocolExec.execute(ProtocolExec.java:186)
at org.apache.http.impl.execchain.RetryExec.execute(RetryExec.java:89)
at org.apache.http.impl.execchain.RedirectExec.execute(RedirectExec.java:110)
at org.apache.http.impl.client.InternalHttpClient.doExecute(InternalHttpClient.java:185)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.executeRequest(HTTPHC4Impl.java:930)
at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:641)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:66)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1281)
at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:234)
Looking at java.net.Inet6AddressImpl.lookupAllHostAddr you're trying to get the IP address for app.powerbi.com using IPv6 implementation
And according to https://en.wikipedia.org/wiki/IPv6 the website doesn't support IPv6
You might want to restrict Java TCP/IP stack to IPv4 only by adding the next line to system.properties file:
java.net.preferIPv4Stack=true
JMeter restart will be required to pick up the property.
Alternatively you can consider using an alternative approach to recording: JMeter Chrome Extension, using it you won't have to worry about proxies, certificates, protocol versions, etc.

SocketException: Permission denied: connect in Jmeter

I am recording my client web application. Till 3-4 steps I am able to record but after clicking on one option. I am getting page of "Connect to network" while clicking on the connect button, it will open new tab were I am getting bellow error.
How to overcome this and proceed with recording?
java.net.SocketException: Permission denied: connect
at java.net.DualStackPlainSocketImpl.connect0(Native Method)
at java.net.DualStackPlainSocketImpl.socketConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source)
at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source)
at java.net.AbstractPlainSocketImpl.connect(Unknown Source)
at java.net.PlainSocketImpl.connect(Unknown Source)
at java.net.SocksSocketImpl.connect(Unknown Source)
at java.net.Socket.connect(Unknown Source)
at org.apache.http.conn.scheme.PlainSocketFactory.connectSocket(PlainSocketFactory.java:121)
at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
at `enter code here`org.apache.jmeter.protocol.http.sampler.hc.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:318)
at org.apache.jmeter.protocol.http.sampler.MeasuringConnectionManager$MeasuredConnection.open(MeasuringConnectionManager.java:114)
at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:610)
at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:445)
at org.apache.http.impl.client.AbstractHttpClient.doExecute(AbstractHttpClient.java:835)
at org.apache.http.impl.client.CloseableHttpClient.execute(CloseableHttpClient.java:83)
at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.executeRequest(HTTPHC4Impl.java:695)
at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:454)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:74)
at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1189)
at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:244)
Try adding the next line to system.properties file (lives in JMeter "bin" folder)
java.net.preferIPv4Stack=true
and restarting JMeter to pick the property up
Try upgrading to Java 8 and JMeter 3.3 (or whatever latest version is available at JMeter Downloads page)
Try the latest JMeter Nightly build
Going forward please include at least essential parts of jmeter.log file into your question so we could see JMeter version, Java version, etc.

Getting 'Received fatal alert: handshake_failure' exception when recording through JMeter

I am getting below error while recording the website through JMeter(2.13).
I am using Java JDK 1.8 installed.
A SSLv3-compatible ClientHello handshake - Found using fiddler.
Tried setting 'https.default.protocol=SSLv3' in jmeter.properties file but did not work.
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
at sun.security.ssl.Alerts.getSSLException(Unknown Source)at sun.security.ssl.Alerts.getSSLException(Unknown Source)at sun.security.ssl.SSLSocketImpl.recvAlert(Unknown Source)at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
You may have encountered the following JMeter bug: SSL SNI extension not supported by HttpClient 4.2.6
Il will be fixed in JMeter 3.0 as it uses HTTPclient 4.5.2.

Jersey + Weblogic - javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE

I am sitting second whole day on a problem and giving up. I have written a jersey client which works on Jetty, and doesnt work on Weblogic. The reason is propably hidden in certificate: CN = "*.somecompany.com". Weblogic doesnt like wildcards in CN. Does anybody has working solution for that ?
I added these to Weblogic start params, but Weblogic uses many other clients, so I dont want to add these parameter: ignoreHostnameVerification: -
-Dssl.debug=true -Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.SSL.enforceConstraints=off
-Dweblogic.nodemanager.sslHostNameVerificationEnabled=false
-Dweblogic.security.SSL.allowSmallRSAExponent=true
-Dweblogic.security.SSL.ignoreHostnameVerification=true
I also accessed a REST service using webbrowser and downloaded certificate to disk an then added it to truststore using keytool.. It still doesnt work.
The only and best way would be to write something custom that validate hostname?? Maybe this wildcard is a problem.. But I am newbie, no idea how to write it, a working example would be greatly appreciated, I won't be able to do it myself :/
Below are exceptions that I found (not sure which were present and when but it is still not working) I was trying to fix it by:
1) Importing whole certificate chain to truststore (Java and Weblogic truststores)
2) Adding starting parameters to Weblogic, but it is not a good solution
com.sun.jersey.api.client.ClientHandlerException: javax.net.ssl.SSLKeyException: FATAL
Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
com.sun.jersey.api.client.ClientHandlerException:
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt
or unuseable certificate was received.
at
com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHa ndler.java:131)
at com.sun.jersey.api.client.Client.handle(Client.java:629)
at
com.sun.jersey.api.client.WebResource.handle(WebResource.java:601)
at
com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at
com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:507)
at
SECOND
with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:140)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:702)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:962)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:217)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:129)
at com.sun.jersey.api.client.Client.handle(Client.java:629)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:601)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:507)
at
THIRD
E7C0E2529308F> <> <1387573464164> <BEA-000000> <Failure loading trusted CA list
java.security.cert.CertificateParsingException: Could not set value for ASN.1 string object.
at com.certicom.security.cert.internal.x509.X509V3CertImpl.<init>(Unknown Source)
at com.certicom.tls.interfaceimpl.CertificateSupport.addTrustedCertificate(Unknown Source)
at com.certicom.net.ssl.SSLContext.addTrustedCertificate(Unknown Source)
at com.bea.sslplus.CerticomSSLContext.addTrustedCA(Unknown Source)
at weblogic.security.utils.SSLContextWrapper.addTrustedCA(SSLContextWrapper.java:62)
at weblogic.security.utils.SSLSetup.getSSLContext(SSLSetup.java:320)
at weblogic.net.http.HttpsClient.openServer(HttpsClient.java:334)
at weblogic.net.http.HttpsClient.New(HttpsClient.java:566)
at weblogic.net.http.HttpsURLConnection.getHttpClient(HttpsURLConnection.java:339)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:408)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:702)
at weblogic.net.http.HttpURLConnection.getResponseCode(HttpURLConnection.java:962)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler._invoke(URLConnectionClientHandler.java:217)
at com.sun.jersey.client.urlconnection.URLConnectionClientHandler.handle(URLConnectionClientHandler.java:129)
at com.sun.jersey.api.client.Client.handle(Client.java:629)
at com.sun.jersey.api.client.WebResource.handle(WebResource.java:601)
at com.sun.jersey.api.client.WebResource.access$200(WebResource.java:74)
at com.sun.jersey.api.client.WebResource$Builder.post(WebResource.java:507)
at
try to add the site certificate to you weblogic truststore and then add the below param in your weblogic startup
-DUseSunHttpHandler=true
-Dssl.SocketFactory.provider=sun.security.ssl.SSLSocketFactoryImpl
-Dssl.ServerSocketFactory.provider=sun.security.ssl.SSLSocketFactoryImpl
i have a problem like yours and by this post i solve it
Cannot access HTTPS from Weblogic
Issue fixed by adding these entry in JVM arguments
"-Dweblogic.security.SSL.nojce=true"
"-Dweblogic.ssl.JSSEEnabled=true"
"-Dweblogic.security.SSL.enableJSSE=true"

Resources