JMeter recording iOS native application that uses HTTPS leads to SSL handshake issue - iphone

I have an iPad hybrid app for our application. It tries to hit our HTTPS server during the login process. I would like to use JMeter to record this simple flow.
I am running the JMeter proxy server on my local machine. I updated the iPad proxy details so that any activity will go via the JMeter proxy, so that I can record.
I am able to record in JMeter the activities I do in the Safari browser on the iPad. But if I access my app on the iPad, JMeter sends it as an HTTP request and records a javax.net.ssl.SSLHandshakeException error. In the browser I can accept the SSL certificate. Not sure how it can be done on the iPad.
I even tried to export the certificate from my browser, sent it to my email, accessed it on the iPad and installed it. Still it does not work. Looks like it is a temporary certificate issued by JMeter.
If it is not HTTPS, then JMeter will be able to record the app activities.
Has anyone faced a similar situation? How did you resolve this?

Use JMeter 2.11 with Java 7; it creates a crt file in the jmeter/bin folder.
It is the CA that creates the certificates.
Send this file by mail, open it on the iPad and install it.
In the Test Script Recorder, put the domains you are trying to hit in the dedicated HTTPS Domains field, see:
http://jmeter.apache.org/usermanual/component_reference.html#HTTP(S)_Test_Script_Recorder
Restart the iPad and the JMeter Test Script Recorder and try again.

Related

Fiddler not capturing traffic from certain host

I want to capture traffic from a host using HTTP, but I do not see a response coming back. If I close Fiddler, my application runs as normal.
I see '-' in the Result section, where it should have been an HTTP response code. If I manually execute the request using Composer, I get a 200 response. Fiddler is able to capture traffic from all other web applications without issue.
I have installed the Fiddler certificate. Troubleshooting Mode returns 200. The host does not use HTTPS, but I have enabled Capture HTTPS Connects anyways.
I am using Fiddler v5.0.20182

Some applications perform certificate pinning. Web applications can also perform certificate pinning, e.g. via HTTP Public Key Pinning (HPKP). If you have ever used the web application in your browser without Fiddler, the web app public key has been downloaded and cached in the web browser.
Afterwards the Fiddler root certificate is no longer accepted for that site/app even if it has been installed correctly. You should be able to identify such problematic connections in Fiddler if you only see a CONNECT request but no subsequent requests to the same domain.
To delete the HPKP in your web browser you should use a fresh profile or clear the complete browser cache. Afterwards only use it with activated Fiddler proxy and SSL decryption. As far as I know Fiddler will remove HPKP data from responses so that the web application should also work with Fiddler in between.

I think you should be able to uncheck the options for HTTPS, uncheck the boxes which appear checked here? Or you might be able to skip decryption by adding the host in the box below where it says Skip decryption for the following hosts.
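
The check described in the answer above (a CONNECT request with no subsequent requests to the same domain), written out as an added example that is not part of the original answers. The session line format and the host names are constructed for illustration and are not Fiddler's own export format.

```python
from collections import Counter
from urllib.parse import urlsplit

# Constructed sample of proxy sessions, one per line: "<id> <method> <url> <result>".
# The line format and host names are assumptions for this example.
SAMPLE_SESSIONS = """\
1 CONNECT example.org:443 200
2 GET https://example.org/ 200
3 GET https://example.org/app.js 200
4 CONNECT pinned.example.net:443 200
5 GET http://pinned.example.net/ 301
6 CONNECT pinned.example.net:443 200
7 CONNECT api.example.org:443 200
8 POST https://api.example.org/login 200
"""

def parse_sessions(text):
    """Yield (kind, host) per well-formed line; kind is 'tunnel', 'https' or 'http'."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4 or not parts[0].isdigit():
            continue  # skip blank or malformed lines
        method, url = parts[1].upper(), parts[2]
        if method == "CONNECT":
            # A CONNECT target is "host:port", not a full URL.
            yield "tunnel", url.rsplit(":", 1)[0].lower()
        else:
            split = urlsplit(url)
            if split.hostname and split.scheme in ("http", "https"):
                yield split.scheme, split.hostname.lower()

def connect_only_hosts(text):
    """Return {host: tunnel_count} for hosts with tunnels but no decrypted HTTPS request."""
    tunnels, decrypted = Counter(), set()
    for kind, host in parse_sessions(text):
        if kind == "tunnel":
            tunnels[host] += 1
        elif kind == "https":
            decrypted.add(host)
    # Plain-HTTP requests do not count: they say nothing about the TLS tunnel.
    return {h: n for h, n in tunnels.items() if h not in decrypted}

if __name__ == "__main__":
    for host, count in sorted(connect_only_hosts(SAMPLE_SESSIONS).items()):
        print(f"{host}: {count} tunnel(s), no decrypted requests")
```

A host also appears in this result when the proxy was told to skip decryption for it, so check that list before concluding that the client pins its certificate.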

Fiddler Not capturing web.whatsapp.com

I am creating a screen scraping application which uses web WhatsApp. I want to know how the messages are being posted. I installed Fiddler and enabled HTTPS and tweaked the certificate settings in it. I am unable to get any traffic from web.whatsapp.com, but Fiddler is able to capture requests and responses of other websites (http, https). Please help.

Windows 8.1 store app https local server using Windows.Networking.Sockets.StreamSocket

I'm working on a Windows 8.1 Store app using JavaScript.
As per the requirement we are serving the HTML files with the help of a local HTTP server which uses Windows.Networking.Sockets.StreamSocket.Listener.
Here is the example of the HTTP server I'm using and it's working fine for HTTP requests.
If I change the source to HTTPS the local server receives the request, but the InputStream will be encrypted.
Is there a way to decrypt and get the InputStream? Maybe by using any SSL certificates.
The problem is that x-ms-webview in a Windows 8.1 app requires an HTTPS source to perform script notification, i.e. the MSWebViewScriptNotify event.
As we are not using any external website to make it HTTPS, how do we make this local server accept HTTPS requests and serve the files?

Facebook PHP SDK localhost as secure server (SSL)

We develop local apps that redirect to a secure web host which then sends the relevant FB app info to our FB app which in turn redirects back to our web server which redirects back to our local app. The local app stores the relevant FB user info so that user interaction is then posted to FB as per their approval. Everything works perfectly except for our latest project.
Our latest project running in Dubai is having latency issues between FB, the web server and our localhost on its return from the FB app authorisation. When the PHP script execution time was set to 30 seconds the redirect would time out. We have increased this execution duration and the app works again, but the wait is not ideal as people are queued in malls waiting to try out the activation.
I see it is possible to set up SSL on the localhost server as per: How do I allow HTTPS for Apache on localhost?
So my question is: Would FB allow this SSL connection or would the certificate have to come from an authority on a certified web server?
I was thinking of using the localhost WAMP server as the web server as well and setting up its own OpenSSL to try to reduce the latency issues.
I never built the original application so does the FB PHP SDK even need to be hosted on a secure site?

iPhone HTTPS works as webpage, fails as web-app

I configured my web server to use HTTPS instead of HTTP. I used openssl to generate an X509 certificate and private key. When I connect using Firefox it warns me of an "Untrusted Connection" and allows me to add an exception to continue. When I connect using my iPhone's Safari web browser it does the same thing. I hit accept on the security prompt and it works fine.
I add the web page to my home screen so that I can run it as a web-app. When I open the web-app I see the following prompt:
Cannot Open MyWebApp MyWebApp could not be opened. The error was: "The certificate for this server is invalid. You might be connecting to a server that is pretending to be mydomainnamehere.com" which could put your confidential information at risk.:". CLOSE or RETRY
If I hit close the web-app closes. If I hit retry I see the prompt again. There is no option to trust the site and continue. How can I get this to work? I'd like to use HTTPS to encrypt the sensitive data. It is a private site I use to access files remotely. It is not intended for public use.

There are two solutions: 1) use a trusted certificate, and 2) add the untrusted certificate to your iPad. This way your iPad will consider it as trusted.
Download the certificate (with Chrome for example), put the cert as an attachment on an email. Open this email on your iPad and click the attachment/cert and install it. That's it!