Sir, How can we import that certificate into jmeter. Please provide me the steps.
Please help, need very urgently. Regards, Pravesh Prajapati. On Sun, May 17, 2015 at 2:31 PM, Pravesh Prajapati < [email protected]> wrote: > Hi sir, > > With reference to this mail.. > > Gather Digital apps use a connection with SSL authentification between the > client app and the server. You must have the ssl client key file (.p12 > generally) and import into JMeter to allow the authentication between > JMeter and the server when the proxy is in action. > http://jmeter.apache.org/usermanual/component_reference.html#SSL_Manager > > The other app (esri events) has a bad signature and my android refuse to > install the app. > > Follow the Bob's advice, ask to the developers a non ssl version or the > SSL keyfile for auth and some docs. > > Sir. > If I demand a .p12 file (client key) from developer, then where I have to > place it. > Should I place it to bin folder of Jmeter, where it own certificate > already exist. > Will it create conflict if I have 2 certificate in the same folder. > > Sir, > If I kept that file into bin folder of jmeter, that mean I dont have to > install that certificate into mobile? > Is I am right please suggest? > > Regards, > Pravesh Prajapati > > On Sun, May 17, 2015 at 2:07 PM, Bob <[email protected]> wrote: > >> Good, then do this: >> >> 1. Use preferred steps from this answer >> http://stackoverflow.com/questions/9555403/capturing-mobile-phone-traffic-on-wireshark >> to capture traffic with Wireshark. If you have problems with capturing SSL >> traffic it's better to ask here: https://ask.wireshark.org/ >> 2. After you get pcap file, you can convert pcap to jmx on this page >> http://converter.blazemeter.com/ >> 3. PROFIT!!! >> >> >> On 17/05/15 13:25, Pravesh Prajapati wrote: >> >>> Sir I want to capture the scripts then execute a load on the same >>> But I am not able to capture the scripts only for native device >>> application. >>> >>> On Sunday, May 17, 2015, Bob <[email protected]> wrote: >>> >>> Pravesh, hope JMeter is not used for man-in-the-middle attack. As I >>>> replied before you can always ask developers to provide non-encrypted >>>> version and API documentation. >>>> >>>> On 17/05/15 09:14, Pravesh Prajapati wrote: >>>> >>>> Hi Sir, >>>>> I tried the same thing but finding issues. >>>>> Can you please for the app (Gather digital & esri events). >>>>> You will find on the playstore. >>>>> Just search the name as mentioned above. >>>>> Sir, please reply. >>>>> Thanks in advance. >>>>> >>>>> On Sun, May 17, 2015 at 12:04 AM, Milamber <[email protected]> >>>>> wrote: >>>>> >>>>> Works with the Linkedin Apps (for example) with HTTPS request. >>>>> >>>>>> 1/ Start JMeter (fresh install) >>>>>> 2/ Create a sample test plan with the template "Recording" >>>>>> 3/ Under the WorkBench, choose the HTTP(S) Test Script Recorder >>>>>> element, >>>>>> and click on the "Start" button (botton) >>>>>> JMeter will create a new dynamic KeyStore (bin/proxyserver.jks) and >>>>>> export >>>>>> the Root CA public key (bin/ApacheJMeterTemporaryRootCA.crt file) >>>>>> >>>>>> 4/ Go to JMETER_HOME/bin, and copy the ApacheJMeterTemporaryRootCA.crt >>>>>> file to a sdcard (or another way) >>>>>> 5/ Put the sdcard on your tablet/phone >>>>>> >>>>>> 6/ on your tablet/phone, use a file manager (I use the CM File Manager >>>>>> from Cheetah Mobile on Play Store), go to the sdcard, click on >>>>>> ApacheJMeterTemporaryRootCA.crt file, to import this Root CA (name for >>>>>> example : JMeter) >>>>>> >>>>>> (with this new Root CA in your phone as a 'true' CA, all fake ssl cert >>>>>> generated dynamically by JMeter will be trusted on your phone.) >>>>>> >>>>>> 7/ Change your WLAN access to add the JMeter proxy (instructions >>>>>> below) >>>>>> (stop/start wifi after) >>>>>> >>>>>> 8/ Start your app, and use it >>>>>> >>>>>> 9/ Follow all HTTP/HTTPS requests (from your app, but other background >>>>>> task too) on JMeter, in the View Results Tree element (under HTTP(S) >>>>>> Test >>>>>> Script Recorder). >>>>>> >>>>>> >>>>>> Milamber >>>>>> >>>>>> >>>>>> For reference (and manage the JMeter Root CA on your phone) : >>>>>> http://wiki.cacert.org/FAQ/ImportRootCert#Android_Phones_.26_Tablets >>>>>> >>>>>> CAcert user trusted certificates >>>>>> >>>>>> Download the certificate files ('root.crt' and 'class3.crt') onto the >>>>>> internal flash storage (the '/sdcard' or any subfolder). Browse to >>>>>> this >>>>>> folder with the file manager and open 'root.crt'. Although there might >>>>>> not >>>>>> be an icon for certificates and the files will have a '?'-icon, files >>>>>> will >>>>>> be opened with the certificate manager, asking you for a name to >>>>>> describe >>>>>> the to-be-imported certificate. If it is the first user certificate >>>>>> you >>>>>> install, the Android Security Model forces you to use a lock-screen to >>>>>> unlock your device (see "CAcert system trusted certificates" if you >>>>>> really >>>>>> need to avoid this) Repeat with the 'class3.crt' file. Check if both >>>>>> certificate files are installed correctly, Settings -> Security -> >>>>>> Certificates -> 'User'-section should now list the certificates you >>>>>> have >>>>>> just installed. >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> >>>>>> On 16/05/2015 17:34, Pravesh Prajapati wrote: >>>>>> >>>>>> Yes sir, >>>>>> >>>>>>> I am too able to capture traffic with the help of browser in devices. >>>>>>> But I want to record the traffic of native hydride apps deployed on >>>>>>> devices >>>>>>> which uses https for its communication. >>>>>>> >>>>>>> Please hep stucked badly. >>>>>>> Thanks in advance. >>>>>>> >>>>>>> >>>>>>> On Sat, May 16, 2015 at 8:36 PM, Milamber <[email protected]> >>>>>>> wrote: >>>>>>> >>>>>>> >>>>>>> On 16/05/2015 14:51, sebb wrote: >>>>>>> >>>>>>>> The JMeter recorder (proxy) is intended for capturing local (i.e. >>>>>>>> same >>>>>>>> >>>>>>>>> host) browser traffic in order to test a remote server. >>>>>>>>> >>>>>>>>> This requires that the browser can be configured to use a local >>>>>>>>> proxy >>>>>>>>> (i.e. JMeter's recorder). >>>>>>>>> AFAIK, this cannot be done for most (any?) Android browsers or >>>>>>>>> apps. >>>>>>>>> >>>>>>>>> It's possible to use a proxy with a WLAN connection on Android >>>>>>>>> (for >>>>>>>>> >>>>>>>> browsers and some apps) >>>>>>>> When your are connect on your wifi acces, return on Settings, Wifi, >>>>>>>> long >>>>>>>> press on your Wifi connection name, Modify, Display advanced >>>>>>>> settings, >>>>>>>> add proxy settings (the jmeter machine on same network - ip and >>>>>>>> port of >>>>>>>> jmeter recorder) >>>>>>>> >>>>>>>> Works on my android tablet (Android 4.2.2) with firefox (for https >>>>>>>> need >>>>>>>> to accept an exception) and for some apps (only in http). >>>>>>>> >>>>>>>> Milamber >>>>>>>> >>>>>>>> >>>>>>>> If you just want to record the traffic, you would be better off >>>>>>>> using >>>>>>>> >>>>>>>> something like NoRoot Data Firewall which can record the traffic >>>>>>>>> in a >>>>>>>>> pcap file. >>>>>>>>> >>>>>>>>> You'll probably have to copy the pcap file(s) to another host in >>>>>>>>> order >>>>>>>>> to analyse them. >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> On 16 May 2015 at 13:19, Pravesh Prajapati < >>>>>>>>> [email protected] >>>>>>>>> >>>>>>>>> wrote: >>>>>>>> >>>>>>>> Sir, >>>>>>>> >>>>>>>>> 1.I have installed jmeter root certificate into android device. >>>>>>>>>> 2.Configure proxy. >>>>>>>>>> 3.Downloaded gather digital app from the play store. >>>>>>>>>> 4.Trying to capture the traffic but not able to capture it. >>>>>>>>>> >>>>>>>>>> Please help. >>>>>>>>>> Thanks in advance. >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> On Sat, May 16, 2015 at 4:52 PM, Pravesh Prajapati < >>>>>>>>>> [email protected]> wrote: >>>>>>>>>> >>>>>>>>>> Hi sir, >>>>>>>>>> >>>>>>>>>> How can I install the jmeter ApacheJMeterTemporaryRootCA >>>>>>>>>>> certificate >>>>>>>>>>> >>>>>>>>>>> into >>>>>>>>>>> >>>>>>>>>> iphone or android device. >>>>>>>>> >>>>>>>>> Will this solve my problem. >>>>>>>>>> >>>>>>>>>>> I am not able to capture the traffic of that app. >>>>>>>>>>> OR is there is any mechanism of Any certificate required to be >>>>>>>>>>> >>>>>>>>>>> installed >>>>>>>>>>> >>>>>>>>>> for capturing the traffic. >>>>>>>>> >>>>>>>>> Please help at the earliest. >>>>>>>>>> >>>>>>>>>>> Thanks in advance. >>>>>>>>>>> >>>>>>>>>>> On Sat, May 16, 2015 at 1:43 PM, Bob <[email protected]> wrote: >>>>>>>>>>> >>>>>>>>>>> Hi Pravesh, >>>>>>>>>>> >>>>>>>>>>> Ask developers to provide App version which works with staging, >>>>>>>>>>>> >>>>>>>>>>>> usually >>>>>>>>>>>> >>>>>>>>>>> for staging environment used non-encrypted connection. >>>>>>>>>> >>>>>>>>>>> On 16/05/15 10:25, Pravesh Prajapati wrote: >>>>>>>>>>>> >>>>>>>>>>>> Hi Sir, >>>>>>>>>>>> >>>>>>>>>>>> I want help please help me. >>>>>>>>>>>>> I want to record the script of native apps on Android & iphone >>>>>>>>>>>>> >>>>>>>>>>>>> devices. >>>>>>>>>>>>> >>>>>>>>>>>> But application is secure. >>>>>>>>>>> >>>>>>>>>> Can you please suggest me the mechanism so that I can record the >>>>>>>>>> >>>>>>>>>>> scripts >>>>>>>>>>>>> >>>>>>>>>>>> of >>>>>>>>>>> >>>>>>>>>> there native apps. >>>>>>>>>> >>>>>>>>>>> I have done all configuration setting in jmeter & mobile device, >>>>>>>>>>>>> but >>>>>>>>>>>>> still >>>>>>>>>>>>> not able to record the scripts of the secure native app. >>>>>>>>>>>>> Please help. >>>>>>>>>>>>> Thanks in advance. >>>>>>>>>>>>> >>>>>>>>>>>>> >>>>>>>>>>>>> On Sat, May 16, 2015 at 4:17 AM, sebb <[email protected]> >>>>>>>>>>>>> wrote: >>>>>>>>>>>>> >>>>>>>>>>>>> On 15 May 2015 at 16:19, Flavio Cysne < >>>>>>>>>>>>> [email protected]> >>>>>>>>>>>>> >>>>>>>>>>>>> wrote: >>>>>>>>>>>>> >>>>>>>>>>>> The machines used at the work environment is using CentOS and >>>>>>>>>>> had >>>>>>>>>>> >>>>>>>>>> no >>>>>>>>>> >>>>>>>>>>> problems like this. Maybe this could be related to a missing >>>>>>>>>>>>> >>>>>>>>>>>> openssl >>>>>>>>>> >>>>>>>>>>> package or similar native package that handles SSL connections. >>>>>>>>>>>>> >>>>>>>>>>>> I doubt it - look at the error message in the dialogue box. >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>> --------------------------------------------------------------------- >>>>>>>> >>>>>>>> To unsubscribe, e-mail: [email protected] >>>>>>>> >>>>>>>>> For additional commands, e-mail: [email protected] >>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>>>> >>>>>>>>>>>> --------------------------------------------------------------------- >>>>>>>>>>>> To unsubscribe, e-mail: [email protected] >>>>>>>>>>>> For additional commands, e-mail: [email protected] >>>>>>>>>>>> >>>>>>>>>>>> >>>>>>>>>>>> -- >>>>>>>>>>>> >>>>>>>>>>>> Regards, >>>>>>>>>>> Pravesh prajapati. >>>>>>>>>>> Mob:-9702600170 >>>>>>>>>>> >>>>>>>>>>> >>>>>>>>>>> -- >>>>>>>>>>> >>>>>>>>>> Regards, >>>>>>>>>> Pravesh prajapati. >>>>>>>>>> Mob:-9702600170 >>>>>>>>>> >>>>>>>>>> >>>>>>>>>> >>>>>>>>> --------------------------------------------------------------------- >>>>>>>>> To unsubscribe, e-mail: [email protected] >>>>>>>>> For additional commands, e-mail: [email protected] >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> >>>>>>>>> --------------------------------------------------------------------- >>>>>>>>> >>>>>>>> To unsubscribe, e-mail: [email protected] >>>>>>>> For additional commands, e-mail: [email protected] >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> --------------------------------------------------------------------- >>>>>>>> >>>>>>> To unsubscribe, e-mail: [email protected] >>>>>> For additional commands, e-mail: [email protected] >>>>>> >>>>>> >>>>>> >>>>>> --------------------------------------------------------------------- >>>> To unsubscribe, e-mail: [email protected] >>>> For additional commands, e-mail: [email protected] >>>> >>>> >>>> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> > > > -- > Regards, > Pravesh prajapati. > Mob:-9702600170 > -- Regards, Pravesh prajapati. Mob:-9702600170
