Monday, October 17, 2011

Monday, October 10, 2011

JMeter, BeanShell, and Portecle ( and Bouncy Castle)

Discovered a very cool feature to JMeter.

You can embed Java scripting into JMeter; specifically BeanShell Sampler. BeanShell Sampler uses the BeanShell scripting language, which, when used in JMeter - allows you to write Java inside JMeter for specialized test scripts you might need to run.

Since I do a lot of security testing I need to access more specialized cryptographic libraries when using JMeter. BeanShell Sampler allows me one way to do security testing.

Since security testing involves truststores and key stores, I could use keytool on the command line but I found out about Portecle and that allows me to create, update and delete truststores and associated keys/certs in an easier to use GUI tool.

JMeter: trustAnchors parameter must be non-empty

If you're doing security/cryptographic testing with Java - especially with JMeter - you might encounter errors in your testing where you might get a message similar to:

javax.net.ssl.SSLException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty

Searching Google gives you hints that you haven't defined your keystore or truststore correctly and it's coming up null when the test is run. This was the case for me too.

In regards to JMeter I had to check my script inside JMeter AND also the jmeter.properties and system.properties files under the bin directory.

Once I had successfully defined the cacerts file location I got past this error and was able to run my test.

Here is the snippet:

# Location of the truststore (trusted certificates)
javax.net.ssl.trustStore=/System/Library/Java/JavaVirtualMachines/1.6.0.jdk/Contents/Home/lib/security/cacerts