I am about to test web application with JMeter. I have already recorded and parametrized scripts and these seem to be working fine. Problem is, that one of the requirements is to redirect the traffic through mitmproxy. I already found solution on how to redirect the traffic to the desired proxy: How to set proxy for JMeter from behind another proxy?
To manually go through the scenario I am setting manual proxy configuration in my Firefox browser, then navigate to mitm.it and if proxy is enabled I get the client side certificate to download. Once trusted, all traffic goes through this proxy instance. Problem is that certificate downloaded from here is with .crt extension and this is the only form of authentication - no signatures, no passwords and so on. I am just wondering how to make this proxy trust JMeter requests? Adding this certificate to existing keystore will do fine? If so, I could not find unambiguous tutorial on how to extend keystore with the certificate having no password and the key. Any suggestions? PS. I tried following http://www.middlewareguru.com/mw/?p=478 - but it states: "The key store must have at the least one x509 certificate and private key" -> problem is that I have only certificate, no private keys and it works perfectly for Firefox, but have no idea how keystore will behave in such scenario (my proxy is down as for now, but I would like to be ready with the approach before it's up and running again).
You need to convert your .crt file into .p12 file which JMeter can "understand" using i.e. OpenSSL like:
openssl pkcs12 -export -in certificate.crt -inkey inkey.key -out certificate.p12
Once done you can add the following line to system.properties file (located in "bin" folder of your JMeter installation)
javax.net.ssl.keyStore=/path/to/certificate.p12
You can also use SSL Manager instead of steps 2 and 3 but using system properties is way more convenient.
References: