Can Taurus add a Keystore Configuration Element to a jmeter test plan?

[aleszc...@gmail.com]

HI,

I have written various scenarios in Taurus for injecting soap messages. I need to use a different client side ssl certificate for each scenario and would typically implement this using a Keystore Configuration Element in Jmeter. I have written all of my scenarios in yaml with Taurus building the scenario up using requests element but I cannot find a way to include the required KC element above unless I use an existing script which would require me to scrap my preferred approach using yaml.

Is anyone aware of a way to do this?

Thanks

[Andrey Pokhilko]

Hi,

Sorry, but keystore configuration is not available with YAML scripting. You'd have to use JMX file for that.

--

Andrey Pokhilko
Open Source Initiatives Leader

12.07.2018 15:42, aleszc...@gmail.com пишет:

CAUTION: This email originated from outside of CA. Do not click links or open attachments unless you recognize the sender and know the content is safe.


HI,

I have written various scenarios in Taurus for injecting soap messages. I need to use a different client side ssl certificate for each scenario and would typically implement this using a Keystore Configuration Element in Jmeter. I have written all of my scenarios in yaml with Taurus building the scenario up using requests element but I cannot find a way to include the required KC element above unless I use an existing script which would require me to scrap my preferred approach using yaml.

Is anyone aware of a way to do this?

Thanks

--
You received this message because you are subscribed to the Google Groups "codename-taurus" group.
To unsubscribe from this group and stop receiving emails from it, send an email to codename-taur...@googlegroups.com.
To view this discussion on the web visit https://urldefense.proofpoint.com/v2/url?u=https-3A__groups.google.com_d_msgid_codename-2Dtaurus_6111c4db-2D3ef6-2D4ce7-2Db8bc-2D525ff5b81d4c-2540googlegroups.com&d=DwIFaQ&c=_hRq4mqlUmqpqlyQ5hkoDXIVh6I6pxfkkNxQuL0p-Z0&r=TYaXQ-5u93AENE9irpiEsQDvdSpc1NV3Mu3uPc4zqskaIMBFIWPTByAIcCm5xjEb&m=tkdO3RL5FMmO7PN0ZGzfAX9_8Hxof0ssa4n_qG6g-TU&s=XJM9FGM2E7_coEBrbYq5UoiyUtlIcKVXmfepAxq23BU&e=.
For more options, visit https://urldefense.proofpoint.com/v2/url?u=https-3A__groups.google.com_d_optout&d=DwIFaQ&c=_hRq4mqlUmqpqlyQ5hkoDXIVh6I6pxfkkNxQuL0p-Z0&r=TYaXQ-5u93AENE9irpiEsQDvdSpc1NV3Mu3uPc4zqskaIMBFIWPTByAIcCm5xjEb&m=tkdO3RL5FMmO7PN0ZGzfAX9_8Hxof0ssa4n_qG6g-TU&s=hQKKf5KVXAI206FWeFuvhZr78WurGSNg5OwnpbNyEug&e=.

[aleszc...@gmail.com]

Ok, thanks for confirming.

Are there any plans to include this? It seems like a relatively minor update.

Thanks

[Andrey Pokhilko]

No, we don't plan to add this in nearest future.

--

Andrey Pokhilko
Open Source Initiatives Leader

13.07.2018 17:50, aleszc...@gmail.com пишет:

CAUTION: This email originated from outside of CA. Do not click links or open attachments unless you recognize the sender and know the content is safe.


Ok, thanks for confirming.

Are there any plans to include this? It seems like a relatively minor update.

Thanks

--
You received this message because you are subscribed to the Google Groups "codename-taurus" group.
To unsubscribe from this group and stop receiving emails from it, send an email to codename-taur...@googlegroups.com.
To view this discussion on the web visit https://urldefense.proofpoint.com/v2/url?u=https-3A__groups.google.com_d_msgid_codename-2Dtaurus_67ee489f-2Da13d-2D4eef-2D9c77-2Df82caf811669-2540googlegroups.com&d=DwIBaQ&c=_hRq4mqlUmqpqlyQ5hkoDXIVh6I6pxfkkNxQuL0p-Z0&r=TYaXQ-5u93AENE9irpiEsQDvdSpc1NV3Mu3uPc4zqskaIMBFIWPTByAIcCm5xjEb&m=x5tofzJhZcWYbFUSqv6fxrdB_xG6ukmRR1ZNFwXiaKU&s=vqmUjMIPzEOployAz5l24IDUJS6RFHQRWSmFJS6z4hw&e=.
For more options, visit https://urldefense.proofpoint.com/v2/url?u=https-3A__groups.google.com_d_optout&d=DwIBaQ&c=_hRq4mqlUmqpqlyQ5hkoDXIVh6I6pxfkkNxQuL0p-Z0&r=TYaXQ-5u93AENE9irpiEsQDvdSpc1NV3Mu3uPc4zqskaIMBFIWPTByAIcCm5xjEb&m=x5tofzJhZcWYbFUSqv6fxrdB_xG6ukmRR1ZNFwXiaKU&s=HOnNinnjwmiRwoFvPLyJHl4loK5jG_S1p_ySuDBBB2A&e=.

[tal...@gmail.com]

I have added support for the keystore configuration into the JMeter executor. You can use taurus' yaml syntax to include keystore configuration. It is available right now as snapshot wheel downloadables from this link: https://gettaurus.org/docs/DeveloperGuide.md#Python-Egg-Snapshots. 

Here is paste from the documentation that will be added when this version makes to production:

If you require multiple client certificates for your test (e.g. one per user session):

• For this method, you need a single JKS file with all the certificates added with their own aliases
  • You can use java's keytool utility to convert other formats to JKS and add it to single JKS file with aliases
• Create a CSV file with list of corresponding certificate aliases that are required for your test
• Add a data-source for this CSV file for taurus to load
• Use keystore-config to set various parameters about the keystore as shown below
  • For each iteration of execution, an alias from CSV file will be read and stored in the variable mentioned
  • And the corresponding certificate for the alias will be used when setting up the https connection 

scenarios:
  client-cert-scenario:
    data-sources: # Read cert aliases from this CSV file
    - path: ${BASE_DIR}/test-data/my-client-certificate-aliases.csv
      delimiter: ','
      quoted: false  # allow quoted data
      loop: true  # loop over in case of end-of-file reached if true, stop thread if false
      variable-names: certalias  # variable-name here needs to be used in keystore-config next
    keystore-config:
      variable-name: certalias # variable name used in data-source element
      start-index: 0 # The index of the first key to use in Keystore, 0-based.
      end-index: 99 # The index of the last key to use in Keystore, 0-based. 
      preload: true

• Also add the JKS file and its password in the system-properties section

modules:
  jmeter:
    properties:
    system-properties:
      javax.net.ssl.keyStore: ${BASE_DIR}/test-data/my-client-certificates-in-one-jks.jks
      javax.net.ssl.keyStorePassword: MyClientCertificateJKSFilePassword

• Keep an eye on the jmeter.log file to confirm if the all aliases loaded correctly

INFO o.a.j.c.KeystoreConfig: Configuring Keystore with (preload: 'True', startIndex: 0, endIndex: 99, clientCertAliasVarName: 'certalias')
INFO o.a.j.u.JsseSSLManager: Using default SSL protocol: TLS
INFO o.a.j.u.JsseSSLManager: SSL session context: per-thread
INFO o.a.j.u.SSLManager: JmeterKeyStore Location: /tmp/test-data/my-client-certificates-in-one-jks.jks type JKS
INFO o.a.j.u.SSLManager: KeyStore created OK
INFO o.a.j.u.SSLManager: Total of 100 aliases loaded OK from keystore