BreadcrumbHomeResourcesBlog How To Set Your JMeter Load Test To Use Client Side Certificates July 23, 2021 How to Set Your JMeter Load Test to Use Client Side CertificatesOpen Source AutomationBy Refael BotbolLearn about client-side performance testing using JMeter, which allows you to test an application's response for different clients using different platforms. Table of ContentsWhat is Client-side Performance Testing Using JMeter? How to Run Client-Side Performance Testing using JMeter Benefits of Client-side Performance Testing Using JMeterTable of Contents1 - What is Client-side Performance Testing Using JMeter? 2 - How to Run Client-Side Performance Testing using JMeter 3 - Benefits of Client-side Performance Testing Using JMeterBack to topWhat is Client-side Performance Testing Using JMeter? Client-side performance testing using JMeter allows you to test an application's response for different clients using different platforms such as mobile, desktop, tablet, smart TV, etc. with JMeter. Client-side metrics can check interaction speed, location and connection speed.Many times when performance testing an application you need to use certificates for security reasons to perform your tests. If you need to use certificates to provide HTTPS requests for your load testing there are two options: 1. Use a server-side client certificateThis requires the least amount of work. You use the server to encrypt and decrypt the data. However, occasionally the web application requires a client-side certificate due to security policies. 2. Use a client-side certificateClient-side certificates are sometimes required because they are the best way for a server to "know" exactly who is connecting. One of the most common examples we see of this today is within large IT enterprises. Internal users must install and present a certificate when communicating with the server in order to receive authorization to log into the enterprise’s IT system. Fortunately, we can use JMeter to simulate this form of secure communication. Back to topHow to Run Client-Side Performance Testing using JMeter JMeter supports client-side JKS and PKCS12 certificates ‘out-of-the-box’. It does this by using the SSL Manager to select the certificate when running in GUI mode. To use the PKCS12 certificate, make sure that the extension of the file is .p12 (e.g : mykeystore.p12). The other extension will be treated as a JKS (Java KeyStore) certificate. If you want to run your script using BlazeMeter (JMeter in non-GUI), take the following steps to allow your script to run with your client-side certificate: 1. Create a Java KeyStore file (e.g. mykeystore.jks).If you have a PKCS12 file, use the following command line to convert it to a JKS file: keytool -importkeystore -srckeystore certificate.p12 -srcstoretype PKCS12-srcstorepass -keystore-storepass 2. Go to your JMeter directory and open your system.properties file.There, uncomment the following lines, and change the file to match your values: javax.net.ssl.keyStore=javax.net.ssl.keyStorePassword=yourJKSpassword You can also use the -D option to pass these values straight from the command line.For example:-D javax.net.ssl.keyStore=your_JKS_filename.jks -D javax.net.ssl.keyStorePassword=yourJKSpassword 3. Change your HTTP sampler implementation to Java (instead of HC3.1 or HC4).You should now be able to run your script successfully. If you plan to use BlazeMeter, upload your JMX, JKS file (with no spaces) to your BlazeMeter test.Then pass the javax.net.ssl.keyStore and javax.net.ssl.keyStorePassword values through the command line parameters. Press save...and you’re ready to go! 4. Verify your script successfully created the KeyStore load your JKS certificate into it.To do this, view your JMeter log file (if you’re using BlazeMeter - click on the ‘Logs’ tab in your test report and select a log file) You should see lines similar to these: 2013/12/12 13:13:49 INFO - jmeter.util.SSLManager: JmeterKeyStore Location: mykeystore.jks type JKS2013/12/12 13:13:49 INFO - jmeter.util.SSLManager: KeyStore created OK2013/12/12 13:13:49 INFO - jmeter.util.SSLManager: Total of 1 aliases loaded OK from keystore Back to topBenefits of Client-side Performance Testing Using JMeterSometimes you need to use a client-side certificate because it is the best way for a server to "know" exactly who is connecting to the server. One of the most common examples we see today is in large enterprises. Internal users must install and present a certificate when communicating with the server in order to receive authorization to log into the enterprise's IT system. Fortunately, JMeter can simulate this type of secure communication. BlazeMeter can help you perform client-side performance testing using JMeter easily by following the steps in this blog. START TESTING NOWRelated Resources: Performance Testing vs. Load Testing vs. Stress TestingJMeter Performance Testing: Upload and Download ScenariosBack to top
Refael Botbol VP of Customer Service, UP9 Inc. Refael Botbol is the Director of Professional Services for BlazeMeter and manages the delivery of BlazeMeter’s Enterprise projects. He has nearly 15 years of end-to-end experience, ranging from development and system engineering up to customer-facing positions. His proficiency includes operating systems and performance testing, leading multiple web-based platforms projects, including technologies such as Apache, JBoss, Microsoft IIS, IBM WebSphere, and complete deployment in enterprises including high familiarity with implementation needs.
