'JMeter Recorder is not working with HTTPS

Please before you say this has been asked on stack overflow, I have looked at each one of the answers and none of them are working as a solution.

No matter what I do HTTPS websites not working with JMeter recorder.

Using FireFox 63.03 Using JMeter 5.0 Mac OS

Here are my steps: (https://www.youtube.com/watch?v=amEHuq8auTU)

1). Create New Test Plan
2). Added a thread group
3). Added HTTP(S) recorder
4). Using port 8282 (tried 8080 earlier so trying others)
5). redirect automatically, follow redirects checked
6). Select HTTPS test script recorder for target controller
7) Add the HTTPS site (without the https)
8). Click Start
9). Getting prompted that ApacheJMeterTemporaryRootCA.crt is created
10. Triple checked that all previous ApacheJMeterTemporaryRootCA.crt are deleted in firefox cert settings
11). Install the new certificate with the two permissions checked (identify websites, identify users)
12). Now when I go to the site that I added in step 7. I get :
jmeter SSL received a record that exceeded the maximum permissible length. Error code: SSL_ERROR_RX_RECORD_TOO_LONG in the browser.

When I check the jmeter logs:

I get: 

2018-11-23 13:14:48,287 INFO o.a.j.p.h.p.Proxy: [50795]  KeyStore for SSL loaded OK and put host 'blue.mysite.com' in map with key (blue.mysite.com)
2018-11-23 13:14:48,308 INFO o.a.j.p.h.s.h.LazyLayeredConnectionSocketFactory: Setting up HTTPS TrustAll Socket Factory
2018-11-23 13:14:48,313 INFO o.a.j.u.JsseSSLManager: Using default SSL protocol: TLS
2018-11-23 13:14:48,313 INFO o.a.j.u.JsseSSLManager: SSL session context: per-thread
2018-11-23 13:14:48,326 INFO o.a.j.u.SSLManager: JmeterKeyStore Location:  type JKS
2018-11-23 13:14:48,326 INFO o.a.j.u.SSLManager: KeyStore created OK
2018-11-23 13:14:48,327 WARN o.a.j.u.SSLManager: Keystore file not found, loading empty keystore
2018-11-23 13:14:49,606 INFO o.a.j.p.h.p.Proxy: [50788]  KeyStore for SSL loaded OK and put host 'www.google.com' in map with key (www.google.com)
2018-11-23 13:14:49,613 WARN o.a.j.p.h.p.Proxy: [50788]  Problem with SSL certificate for url  for 'www.google.com'? Ensure browser is set to accept the JMeter proxy cert: readHandshakeRecord
2018-11-23 13:14:49,613 WARN o.a.j.p.h.p.Proxy: [50790]  Problem with SSL certificate for url  for 'www.google.com'? Ensure browser is set to accept the JMeter proxy cert: readHandshakeRecord
2018-11-23 13:14:49,613 WARN o.a.j.p.h.p.Proxy: [50789]  Problem with SSL certificate for url  for 'www.google.com'? Ensure browser is set to accept the JMeter proxy cert: readHandshakeRecord
2018-11-23 13:14:56,059 INFO o.a.j.p.h.p.ProxyControl: [50805]  Creating entry getpocket.cdn.mozilla.net in /usr/local/Cellar/jmeter/5.0/libexec/bin/proxyserver.jks
2018-11-23 13:14:59,048 INFO o.a.j.p.h.p.Proxy: [50805]  KeyStore for SSL loaded OK and put host 'getpocket.cdn.mozilla.net' in map with key (getpocket.cdn.mozilla.net)
2018-11-23 13:14:59,184 ERROR o.a.j.p.h.p.Proxy:
javax.net.ssl.SSLProtocolException: Broken pipe (Write failed)

I have done this a lot of times and have played around with settings. Nothing seems to work. I even switched the url to 'https://yahoo.com' and to another personal site 'https://lawyeranalytix.com' thinking maybe the site I am trying to test has a flawed SSL implementation but it is the same with any SSL enabled site.

ssljmeterjmeter-pluginsjmeter-4.0


Solution 1:[1]

Problem with SSL certificate for url for 'www.google.com'? Ensure browser is set to accept the JMeter proxy cert

It appears that you failed to install JMeter's certificate to Firefox.

Try clearing your Firefox history and ensure to delete everything from the beginning of the time - it will include custom certificates. Restart Firefox once done.

Check out the following materials:

Also be aware of the alternative ways of recording a JMeter test:

Solution 2:[2]

There seems to be an issue between the JMeter proxy recorder and TLS 1.4. I solved the issue by limiting the Firefox TLS version to 1.3.

To do this :

  • Go to about:config in Firefox

  • Set security.tls.version.fallback-limit and security.tls.version.max to 3.

Then I was able to record as expected.

Solution 3:[3]

Try to downgrade to oracle java jdk 10, it solved the problem for me.

for further reference:

https://support.portswigger.net/customer/portal/questions/17434431-gettin-error-code-ssl-error-rx-record-too-long

EDIT: or use openjdk 8

Solution 4:[4]

  1. Remove the expired certificate.
  2. Import new certificate from bin folder.
  3. Verify certificate date is valid. Then you will be able to work with HTTPS.

Solution 5:[5]

With jmetter, you can record over firexfox. However, if defining a proxy is complicated for you, you can use Loadium Record & Play Chrome Extension. You can access it from the link below.

https://chrome.google.com/webstore/detail/loadium-extension/eecaejegccegjjjngokgelmehfkmpico?hl=tr&authuser=0

Sources

This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.

Source: Stack Overflow

Solution Source
Solution 1 Dmitri T
Solution 2 kalehmann
Solution 3
Solution 4 SandyII
Solution 5 BatuhanZafer

Related Questions

Secure cookies flag always getting lost in first session after resetting IIS

Solving sslv3 alert handshake failure when trying to use a client certificate

Nginx the event was not signaled for 5s

Getting error "403 - Forbidden: Access is denied" on browser when user is NOT administrator

Disable SSLHandshakeException for a single connection

How to fix ssl.SSLError: [SSL: WRONG_VERSION_NUMBER] wrong version number (_ssl.c:1056)?

tls unsigned certificate when using terraform

Library not loaded: /opt/local/lib/libssl.1.0.0.dylib (LoadError)

SSL certificate error for IE users only

Mongodb SSL - unable to get issuer certificate

Where can I find the WAMP error log?

How to convert certificate from PEM to JKS?

CondaHTTPError: HTTP 000 CONNECTION FAILED for url - Anaconda

Getting Chrome to accept self-signed localhost certificate

"ssl module in Python is not available" when installing package with pip3