How to configure JMeter to use client side certificates
Posted By : Aditi Nahar | 30-Nov-2018
In this article we discuss how to configure JMeter to use a client-side certificate to authenticate each request. This will make each request signed and encrypted. I assume readers are already familiar with the JMeter tool and the HTTP protocol.
INTRODUCTION
An HTTPS request is an HTTP request wrapped in an SSL encryption layer. The server and client still speak the very same HTTP to one another, but over a protected SSL layer. The SSL layer encrypts and decrypts the requests and responses exchanged between server and client. A handshake is used to set up the SSL connection between server and client. After contact is established, the server has to prove its identity to the client through a certificate.
In some cases the client is also required to prove its identity to the server; the certificates used for this are called client-side certificates. Basically, client-side certificates are used to authenticate users. To place HTTPS requests through JMeter against such a server, client-side certificates must be used.
JKS (Java Keystore) and PKCS12 are storage formats for security certificates, and JMeter supports both. PKCS12 files have the extension .p12 and JKS files the extension .jks. To make sure that Java can read all the certificates, they are kept in a Java keystore.
Now we look at the steps that complete the configuration of JMeter:
1. Making a Java keystore file (e.g. keystore.jks)
To convert a .p12 file into a .jks file, use the following command:
keytool -importkeystore -srckeystore certificate.p12 -srcstoretype PKCS12 \
    -srcstorepass <certificate_password> -keystore <keystore_filename> \
    -storepass <stored_password>
2. Going to the JMeter directory and opening the system.properties file
Here, uncomment the following lines and set their values to match your keystore file:
javax.net.ssl.keyStore=<JKS_filename.jks>
javax.net.ssl.keyStorePassword=JKSpassword
3. Configuring JMeter
Using a personal keystore to sign HTTPS requests may look complex, but it is a very simple process. Let's go through it step by step:
Step 1: Create a simple Test plan with a thread group
Step 2: Add HTTP Request sampler for placing request on server
Give careful consideration to the Implementation and Protocol fields.
Step 3: Now add Keystore Configuration element under HTTP Request
cert_name is not a variable name. JMeter takes only the variable name here, and for this a CSV file and the JMeter element CSV Data Set Config are used.
Step 4: Add a CSV Data Set Config under the thread group and pick the value of the variable from the CSV file:
Place the JMeter script file (.jmx) and the CSV file in the same location. This solution works very well when we have a lot of certificates and a lot of variables.
Step 5: In the final step, point JMeter at the keystore we need to utilize.
Click Options --> SSL Manager and select the <keystore_filename> keystore that we made and press Enter.
After completing the setup, we run the script and enter the password set for the keystore; each request placed by JMeter will now be signed.
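A check worth running between step 1 and step 4, shown here as an added example that is not part of the original article: it reads `keytool -list -v` output, keeps only entries that actually hold a private key, and writes them to the CSV file. It assumes the CSV feeding the cert_name variable holds one keystore alias per line; the script name, function names and file names are hypothetical.

```shell
#!/bin/sh
# Added example, not from the article. Function and file names are assumptions.

# Read `keytool -list -v` output on stdin and print the alias of every
# PrivateKeyEntry. A trustedCertEntry has no private key, so it cannot be
# presented as a client certificate and is skipped.
key_aliases() {
  awk '
    /^Alias name: / { alias = substr($0, 13) }
    /^Entry type: / { if ($3 == "PrivateKeyEntry" && alias != "") print alias
                      alias = "" }
  '
}

# Write one usable alias per line to the CSV named in $1; fail if none exist.
write_alias_csv() {
  key_aliases > "$1"
  if [ ! -s "$1" ]; then
    echo "no PrivateKeyEntry in keystore: JMeter would have no client key" >&2
    return 1
  fi
}

# Constructed sample of `keytool -list -v` output (not real keystore data).
sample_listing() {
  cat <<'EOF'
Alias name: client1
Creation date: Nov 30, 2018
Entry type: PrivateKeyEntry
Certificate chain length: 1

Alias name: rootca
Creation date: Nov 30, 2018
Entry type: trustedCertEntry

Alias name: client2
Creation date: Nov 30, 2018
Entry type: PrivateKeyEntry
Certificate chain length: 2
EOF
}

# Usage: sh check_keystore.sh keystore.jks aliases.csv
# keytool prompts for the store password, so it stays out of shell history.
if [ "$#" -eq 2 ] && [ -f "$1" ]; then
  keytool -J-Duser.language=en -list -v -keystore "$1" | write_alias_csv "$2"
fi
```

If the script exits with an error, the .p12 that was imported contained only certificates and no private key, and the server will reject the handshake regardless of how JMeter is configured.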
Happy Testing:)