JMeter https proxy recording not working

2020-07-11 07:18发布

问题:

I am recording a https session of a JSF based web app on JMeter and it's not working.

Target application is hosted on: AWS
JMeter version: 2.9 r1437961
Browser: Chrome version 29.0.1547.65
Java: java version "1.6.0_27"
OpenJDK Runtime Environment (IcedTea6 1.12.5) (6b27-1.12.5-0ubuntu0.12.04.1)
OpenJDK Server VM (build 20.0-b12, mixed mode)
OS: Ubuntu 12.04

Proxy server config:
Port: 8084
Target Controller: Test Plan > Thread Group
Capture HTTP headers is checked.
HTTP Sample settings:
Type: not selected. Follow Redirects and Use KeepAlive checked.

URL patterns to exclude:
1. Added Suggested Excludes
2. .*\.jsf

Exceptions that are getting thrown (from JMeter.log):

ERROR - jmeter.protocol.http.proxy.Proxy:  java.net.SocketException: Connection closed by remote host
    at sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1377)
    at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:62)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
    at org.apache.jmeter.protocol.http.proxy.Proxy.writeToClient(Proxy.java:404)
    at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:218)

ERROR - jmeter.protocol.http.proxy.Proxy: Problem with SSL certificate? Ensure browser is set to accept the JMeter proxy cert: Connection closed by remote host java.net.SocketException: Connection closed by remote host
    at sun.security.ssl.SSLSocketImpl.checkWrite(SSLSocketImpl.java:1377)
    at sun.security.ssl.AppOutputStream.write(AppOutputStream.java:62)
    at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:82)
    at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:140)
    at org.apache.jmeter.protocol.http.proxy.Proxy.writeToClient(Proxy.java:404)
    at org.apache.jmeter.protocol.http.proxy.Proxy.run(Proxy.java:218)


The steps I am following are:
1. Set proxy server pointing to 8084.
2. Change proxy settings from chrome: Set https proxy to 8084.
3. Disabled all chrome extensions and chrome account.
4. Started jmeter proxy server and hit https://url/login
5. Certificate confirmation page appears on browser. Meanwhile, jmeter.log shows:

   2013/09/11 13:16:30 INFO  - jmeter.protocol.http.proxy.Daemon: Creating Daemon Socket on port: 8084 
2013/09/11 13:16:30 INFO  - jmeter.protocol.http.proxy.Daemon: Proxy up and running! 
2013/09/11 13:22:39 INFO  - jmeter.protocol.http.proxy.Proxy: Proxy will remove the headers: If-Modified-Since,If-None-Match,Host 
2013/09/11 13:22:39 INFO  - jmeter.protocol.http.proxy.Proxy: Opened Keystore file: /home/abhijeet/Automation_Dev/LoadAutomation/Jmeter/apache-jmeter-2.9/bin/proxyserver.jks 
2013/09/11 13:22:39 INFO  - jmeter.protocol.http.proxy.Proxy: KeyStore for SSL loaded OK and put host in map (clients4.google.com) 
2013/09/11 13:22:39 INFO  - jmeter.protocol.http.proxy.Proxy: Opened Keystore file: /home/abhijeet/Automation_Dev/LoadAutomation/Jmeter/apache-jmeter-2.9/bin/proxyserver.jks 
2013/09/11 13:22:39 INFO  - jmeter.protocol.http.proxy.Proxy: KeyStore for SSL loaded OK and put host in map (translate.googleapis.com) 
2013/09/11 13:22:40 INFO  - jmeter.protocol.http.sampler.HTTPHCAbstractImpl: Local host = abhijeet-desktop 
2013/09/11 13:22:40 INFO  - jmeter.protocol.http.sampler.HTTPHC4Impl: HTTP request retry count = 1 
2013/09/11 13:22:40 INFO  - jmeter.protocol.http.sampler.HTTPHC4Impl: Setting up HTTPS TrustAll scheme 
2013/09/11 13:22:40 INFO  - jmeter.protocol.http.proxy.FormCharSetFinder: Using htmlparser version: 2.0 (Release Build Sep 17, 2006)<br>

6. Thread group starts showing unknown requests to these domains:

1. translate.googleapis.com
2. clients4.google.com
3. www.google.co.in
4. www.google.com
5. ssl.gstatic.com
6. safebrowsing.google.com
7. alt1-safebrowsing.google.com
8. clients4.google.com
9. www.gstatic.com
.
.
n all other requests going to the target application.

(For every request the above exceptions are thrown)

I believe, the google domain requests above are getting recorded because chrome is dynamically searching the keywords on google, while I am typing the url string in the address bar. But I don't want these requests to get recorded in the Thread Group.

Also, I tried the solutions from these pages but they didn't work for me:
Link 1
Link 2
Link 3

I don't understand, why is JMeter not able to use the fake certificate that it already has. I checked the SSL settings in chrome and I could not find any JMeter certificates. Need help!!

回答1:

To do it in chrome/IE we have to place the certificate into 'Trusted Root Certificates Store'

  • Double click the certificate created
  • Certificate Import Wizard opens
  • Click Next
  • Select Second radio button (Place All Certificates in the following store)
  • Click Browse and select 'Trusted Root Certificates Authorities'. Click Next
  • Click Finish

Check your certificate installed in Chrome Settings (under Http/SSL) - Manage certificates.. (Trusted Root Certificates Authorities Tab)

This should at cure the exceptions thrown as your screenshot shows.



回答2:

I have the same problem and solve it to trust the certificate. Just like you when i look at the

Options > Advanced > Certificates > View Certificates ==> Authorities

and couldn't see a name ApacheJMeterRootCertificate.crt or a related name, but i realize that there is a name something like

_DO NOT INSTALL unless this is your certificate

I click this object and 'Edit_Trust' both item under this object. I share my screenshot. I hope this can be help you and others.

I use Firefox. At chrome there should be similar way to edit the certificate.



回答3:

jmeter 2.12 has good support for HTTPS. Under the WorkBench, just select Add -> Non-Test Elements -> HTTP(S) Test Script Recorder. This version worked first time for me.



回答4:

Latest versions of Google Chrome made difficult to bypass security settings to avoid security Threats as Phishing or Man-in-the-middle attacks.

I have successfully configured Google Chrome (v.54.0) to allow JMeter Self-Signed Certificate for HTTP(S) Recording.

Here the instructions (on Windows):

  1. Open MMC console (SUPER + R, Type mmc, Press Enter)
  2. Select File Add/Remove Snap-in
  3. Select Certificates Snap-in for Current User
  4. Select Trusted Root Certification Authorities >> Certificates
  5. Right-click over Certificates folder and select All Tasks >> Import...
  6. Import JMeter Self-Signed certificate using the wizard keeping the default options.
  7. Once installed, right-click over JMeter Self-Signed certificate and select Properties
  8. On General tab, make sure Enable for all purposes option is selected
  9. On Cross-Certificates, include the URL of the application you want to record (make sure you enter the full url, e.g. https://www.live.com)
  10. Close all windows.
  11. Done. You should now be able to reach the destination bypassing Chrome security alert and start recording.