On 01/02/07, sebb <[EMAIL PROTECTED]> wrote:
On 29/01/07, xue wu <[EMAIL PROTECTED]> wrote:
> Hi all,
> I want to use Jmeter to test a https website. I installed and exported
> the certificate of that site as a cer file and imported this cer file
> to the cacert keystore under jre/lib/security. and then in the
> jmeter.properties file i stated like this:
>
> ssl.provider=com.sun.net.ssl.internal.ssl.Provider
> ssl.pkgs=com.sun.net.ssl.internal.www.protocol
> javax.net.ssl.keyStore=C:\Program Files\Java\jdk1.6.0\jre\lib\security\cacerts
> javax.net.ssl.keyStorePassword=changeit
Should be no need to do that.
> When I run Jmeter, I always got the error "Couldn't load keystore
> java.lang.Exception: No key found"
Not sure what causes this problem, but the message can be ignored, as
the sampler still works for me.
I've discovered that this happens when you don't provide a keystore.
JMeter creates an empty keystore. It then searches it for keys, but of
course does not find any! The error message should only be generated
for actual keystores.
[I'm in the process of fixing this and producing better error messages]
> I also tried to create a new keystore and paste it to
> jre/lib/security, but it did not make any difference.
> Does anyone know what else should I do to make the Jmeter work
> properly with https web site?
So long as you are using Java 1.4.2 or later JMeter should work "out
of the box" with any https web-site that uses a certificate signed by
an authority known to Java.
If the authority is not known to Java, you will have to tell Java
about it (as you have done).
Actually you don't have to do this, as the JMeter SSLManager installs
a very lenient TrustManager that trusts everything.
The HTTP Sampler can handle self-signed certificates; however the HTTP
HttpClient Sampler cannot yet do so.
I've just about got this working.
Furthermore if you mix HTTP and HTTP HttpClient samplers in the same
test plan, the HttpClient samplers will stop working if there is a
previous HTTP Sampler that connects to a self-signed site... [I need
to create a Bugzilla for this].
I think I've found a fix for that.
S///
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
