Jmeter 2.11:获得“对等体未经身份验证”错误。

huangapple go评论82阅读模式
英文:

Jmeter 2.11 : Getting Peer Not Authenticated

问题

我遇到了以下列出的异常:

javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
	at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
	at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
	at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
	...

Jmeter.properties文件中的属性设置如下:

#https.default.protocol=TLS
#https.default.protocol=SSLv3
#https.socket.protocols=SSLv2Hello SSLv3 TLSv1

JDK 版本:1.7

  1. 我已经导入了所需的证书。
  2. 我尝试设置了https.socket.protocols=SSLv3 链接
  3. 我已将实现更改为HTTPClient4
  4. 证书的过期年份为2022。

但是仍然没有起作用。请提供解决方案。

更新:

以下是一些调试信息:

2020/09/23 13:32:07 INFO  - jmeter.util.HttpSSLProtocolSocketFactory: 使用协议列表:SSLv3 
2020/09/23 13:32:07 INFO  - jmeter.util.JsseSSLManager: 使用默认 SSL 协议:SSLv3 
2020/09/23 13:32:07 INFO  - jmeter.util.JsseSSLManager: SSL 会话上下文:每线程 
2020/09/23 13:32:07 DEBUG - jmeter.util.JsseSSLManager: ssl 提供者 =  null 
2020/09/23 13:32:07 DEBUG - jmeter.util.JsseSSLManager: SSL 相关设置已全部完成 
2020/09/23 13:32:07 DEBUG - jmeter.util.JsseSSLManager: JsseSSLManager 已安装 
2020/09/23 13:32:14 DEBUG - jmeter.protocol.http.sampler.HTTPHC4Impl: 通知循环重新启动后的第一个采样 
...

出现了新的异常:

java.net.SocketException: 连接被重置
	at java.net.SocketInputStream.read(Unknown Source)
	at ...

尽管遵循了上述步骤,仍然收到了套接字异常:

user.properties文件中的设置如下:

httpclient4.retrycount=1
hc.parameters.file=hc.parameters

hc.parameters文件中的设置如下:

http.connection.stalecheck$Boolean=true
英文:

I am getting the exception listed below:

 javax.net.ssl.SSLPeerUnverifiedException: peer not authenticated
    	at sun.security.ssl.SSLSessionImpl.getPeerCertificates(Unknown Source)
    	at org.apache.http.conn.ssl.AbstractVerifier.verify(AbstractVerifier.java:128)
    	at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:572)
    	at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
    	at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
    	at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:640)
    	at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
    	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
    	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
    	at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:284)
    	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
    	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.followRedirects(HTTPSamplerBase.java:1390)
    	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.resultProcessing(HTTPSamplerBase.java:1461)
    	at org.apache.jmeter.protocol.http.sampler.HTTPAbstractImpl.resultProcessing(HTTPAbstractImpl.java:251)
    	at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:356)
    	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:62)
    	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1075)
    	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1064)
    	at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:426)
    	at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:255)
    	at java.lang.Thread.run(Unknown Source)

properties in Jmeter.properties:

> #https.default.protocol=TLS
> #https.default.protocol=SSLv3
> #https.socket.protocols=SSLv2Hello SSLv3 TLSv1

> JDK version: 1.7

1.I have already imported the required certificates.
2.I tried setting the https.socket.protocols=SSLv3 [https://bz.apache.org/bugzilla/show_bug.cgi?id=54759]
3.I have changed the implementation to HTTPClient4
4. The certificate's expiry year is 2022

but it didn't work.Please suggest solutions

UPDATE:

           2020/09/23 13:32:07 INFO  - jmeter.util.HttpSSLProtocolSocketFactory: Using protocol list: SSLv3 
2020/09/23 13:32:07 INFO  - jmeter.util.JsseSSLManager: Using default SSL protocol: SSLv3 
2020/09/23 13:32:07 INFO  - jmeter.util.JsseSSLManager: SSL session context: per-thread 
2020/09/23 13:32:07 DEBUG - jmeter.util.JsseSSLManager: ssl Provider =  null 
2020/09/23 13:32:07 DEBUG - jmeter.util.JsseSSLManager: SSL stuff all set 
2020/09/23 13:32:07 DEBUG - jmeter.util.JsseSSLManager: JsseSSLManager installed 
2020/09/23 13:32:14 DEBUG - jmeter.protocol.http.sampler.HTTPHC4Impl: notifyFirstSampleAfterLoopRestart 
2020/09/23 13:32:15 DEBUG - jmeter.protocol.http.sampler.HTTPHC4Impl: Created new HttpClient: @******** 
2020/09/23 13:32:15 DEBUG - jmeter.protocol.http.control.HC3CookieHandler: Found 0 cookies for https:*******
2020/09/23 13:32:15 DEBUG - jmeter.util.JsseSSLManager: Creating threadLocal SSL context for: test
2020/09/23 13:32:15 INFO  - jmeter.util.SSLManager: JmeterKeyStore Location:  type JKS 
2020/09/23 13:32:15 INFO  - jmeter.util.SSLManager: KeyStore created OK 
2020/09/23 13:32:15 WARN  - jmeter.util.SSLManager: Keystore file not found, loading empty keystore 
2020/09/23 13:32:15 DEBUG - jmeter.util.SSLManager: JmeterKeyStore type: class org.apache.jmeter.util.keystore.JmeterKeyStore 
2020/09/23 13:32:15 DEBUG - jmeter.util.JsseSSLManager: class org.apache.jmeter.util.keystore.JmeterKeyStore 
2020/09/23 13:32:15 INFO  - jmeter.util.SSLManager: TrustStore Location: D:/apache-jmeter-2.11/test_truststore.jks 
2020/09/23 13:32:15 INFO  - jmeter.util.SSLManager: TrustStore created OK, Type: JKS 
2020/09/23 13:32:15 INFO  - jmeter.util.SSLManager: Truststore loaded OK from file

New Exception:

java.net.SocketException: Connection reset
	at java.net.SocketInputStream.read(Unknown Source)
	at java.net.SocketInputStream.read(Unknown Source)
	at sun.security.ssl.InputRecord.readFully(Unknown Source)
	at sun.security.ssl.InputRecord.readV3Record(Unknown Source)
	at sun.security.ssl.InputRecord.read(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.readRecord(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
	at sun.security.ssl.SSLSocketImpl.startHandshake(Unknown Source)
	at org.apache.http.conn.ssl.SSLSocketFactory.connectSocket(SSLSocketFactory.java:436)
	at org.apache.http.impl.conn.DefaultClientConnectionOperator.openConnection(DefaultClientConnectionOperator.java:180)
	at org.apache.http.impl.conn.ManagedClientConnectionImpl.open(ManagedClientConnectionImpl.java:294)
	at org.apache.http.impl.client.DefaultRequestDirector.tryConnect(DefaultRequestDirector.java:643)
	at org.apache.http.impl.client.DefaultRequestDirector.execute(DefaultRequestDirector.java:479)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:906)
	at org.apache.http.impl.client.AbstractHttpClient.execute(AbstractHttpClient.java:805)
	at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.executeRequest(HTTPHC4Impl.java:481)
	at org.apache.jmeter.protocol.http.sampler.HTTPHC4Impl.sample(HTTPHC4Impl.java:298)
	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerProxy.sample(HTTPSamplerProxy.java:74)
	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1105)
	at org.apache.jmeter.protocol.http.sampler.HTTPSamplerBase.sample(HTTPSamplerBase.java:1094)
	at org.apache.jmeter.threads.JMeterThread.process_sampler(JMeterThread.java:429)
	at org.apache.jmeter.threads.JMeterThread.run(JMeterThread.java:257)
	at java.lang.Thread.run(Unknown Source)

Followed these steps but still getting the socket exception:

In user.properties file:

httpclient4.retrycount=1
hc.parameters.file=hc.parameters

In hc.parameters file:

http.connection.stalecheck$Boolean=true

答案1

得分: 1

system.properties 文件 中添加下面这行代码来启用 SSL 的调试日志:

javax.net.debug=ssl

然后查看 jmeter.log 文件stdout,很可能你会从中找到失败的确切原因。

草率的猜测:失败的原因可能是因为你正在使用8年前的 JMeter 版本,它运行在10年前的 JDK 上,而一些位于 jre/lib/security/cacerts 下的 重要安全证书 已经过期。

根据 JMeter 最佳实践,你应该始终使用最新版本的 JMeter,所以考虑升级到 JMeter 5.3(或者在 JMeter 下载 页面找到的最新稳定版本),以及从 OpenJDK 网站获取最新稳定版本的 64 位服务器 JRE 或 JDK(JMeter 发布说明中提到的最低支持版本)。

英文:

Enable debug logging for SSL by adding the next line to system.properties file

javax.net.debug=ssl

and then look at jmeter.log file and stdout, most probably you will figure out the exact reason for the failure from them.

Blind shot: the reason of failure might be due to you're using 8 years old JMeter version which is running on top of 10 years old JDK and some essential security certificates which reside under jre/lib/security/cacerts has expired already.

As per JMeter Best Practices you should always be using the latest version of JMeter so consider upgrading to JMeter 5.3 (or whatever is the latest stable version you can find at JMeter Downloads page) and the latest stable version of 64-bit server JRE or JDK from OpenJDK website (the minimum supported one is mentioned in JMeter release notes)

答案2

得分: 1

https.default.protocol=TLSv1.2

setting this worked for me.

英文:

https.default.protocol=TLSv1.2

setting this worked for me.

huangapple
  • 本文由 发表于 2020年9月22日 21:26:59
  • 转载请务必保留本文链接:https://go.coder-hub.com/64010769.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定