SSL certificate parameters #39
Comments
|
The JMETER_FLAGS are passed to Gru here: Lines 160 to 161 in f9f4459 This has been a recent change, so I a wondering if you might have an older Lucy image. Can you try the following to see if you have the latest?
|
Thanks for the quick reply, I am running the latest lucy, I've also tried CSV file test case, and I can confirm that the whole /plans folder are being copied to ECS since the CSV tests are running fine. So I guess my question now is, does "JMETER_FLAGS=-Djavax.net.ssl.keyStore=/plans/someCert.p12" this System property line need to be added to the minions as well? in order to run the ssl related test. |
|
OK, I understand the scenario now. Currently, JMETER_FLAGS are only passed to Gru. Passing JMETER_FLAGS to the Minions is straightforward and would be a simple edition to |
|
I have the change coded but not yet tested. If you want to give it a try, change your
|
|
Hi @dsperling , I have just run the 'smithmicro/lucy:feature-39', but still got 401s in my test. And I lwent through the jmeter-server.log files in both of my minions, I don't see the line 'Setting System property: javax.net.ssl.keyStore=/plans/someCert.p12' which is there in the Gru jmeter.log |
|
Strike 1. |
|
Hi @dsperling here is my test file and cert file. Please just use it as your debug purpose. |
|
Hi @dsperling any update on this issue? |
|
Code changes may not be required assuming the --globalproperty (-G) switch works as advertised. Try using the production lucy:latest and change your JMETER_FLAGS variable to: You should see the following in your log: Does this work for you? |
|
There is a missing piece. In order to unlock the keystore remotely, we will need to pass the following variable: Could you send the password for your .p12 file sent previously? |
|
Hi @dsperling, I didn't set the password for this certificate. Also I tried -G on latest Lucy. Still got unauthorized. Also "-G" says it's global property, not sure if it's the same as System properties(-D).. Really appreciate your help. |
|
Hi @dsperling , I edited the entrypoint.sh for jmeter. Added the properties in the "# run jmeter in server (minion) mode" section. And it's working now. Thanks, |
|
Just to confirm, you are using jmeter-ecs/jmeter/entrypoint.sh Line 69 in f9f4459 to read: Correct? |
|
Glad it is working now. I was looking into the password required for the .p12 file since when I run the following locally on JMeter using: I am asked for a password when running the plan.
I could see how your local keystore might cache the password, but am wondering how JAVA inside the Docker image knows the keystore password. Are you using the identical test.p12 file that you sent me, or something different? |
|
Hi @dsperling, it failed for me without password too. So I added a password to the certificate. Then it was working fine. Also the screenshot you sent seems like you were trying on GUI mode, try using Non-Gui mode, and you may not need the password. Thanks, |
|
I was only trying GUI mode to ensure I could run your JMX first. Are you comfortable in sharing your .p12 password out of band? |
Hi, so the server I am testing against needs ssl certificate. I am aware that we can copy the whole /plans folder to ECS now. So I copied the p12 file into the /plans folder, and added "--env JMETER_FLAGS=-Djavax.net.ssl.keyStore=/plans/someCert.p12 " to add as system properties when running lucy.
After running it, the result are still all 401. And going throught the logs, The log on Gru has "Setting System property: javax.net.ssl.keyStore=/plans/.....p12" line, but the logs on minions don't have this line. So just wondering if the variable line I added is enough or is there some changes need to be made?
The text was updated successfully, but these errors were encountered: