64253 – MailReaderSampler with SSL authentication

Bug 64253 - MailReaderSampler with SSL authentication

Summary: MailReaderSampler with SSL authentication

Status:	NEW

Alias:	None

Product:	JMeter
Classification:	Unclassified
Component:	Main (show other bugs)
Version:	5.2.1
Hardware:	PC All

Importance:	P2 critical (vote)
Target Milestone:	JMETER_5.3.0
Assignee:	JMeter issues mailing list

URL:
Keywords:

Depends on:
Blocks:

Reported:	2020-03-21 10:22 UTC by Tobias
Modified:	2021-01-02 20:11 UTC (History)
CC List:	0 users

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Tobias 2020-03-21 10:22:46 UTC

The issue is regarding MailReaderSampler with SSL authentication enabled on server side. In Wireshark I see a lot of handshake failed messages, because Jmeter is sending back a SSL "Certificate" message with a zero length certificate.



        <MailReaderSampler guiclass="MailReaderSamplerGui" testclass="MailReaderSampler" testname="POP3 Sampler Port 995 " enabled="true">
          <stringProp name="host_type">pop3s</stringProp>
          <stringProp name="folder">INBOX</stringProp>
          <stringProp name="host">xx.xx.xx.xx</stringProp>
          <stringProp name="port">995</stringProp>
          <stringProp name="username">praxis.dr.moritz.nullmayr${__threadNum}@tsi.komle.telematik-test</stringProp>
          <stringProp name="password">gematik123</stringProp>
          <stringProp name="num_messages">10</stringProp>
          <boolProp name="delete">false</boolProp>
          <stringProp name="SMTPSampler.useSSL">true</stringProp>
          <stringProp name="SMTPSampler.useStartTLS">false</stringProp>
          <stringProp name="SMTPSampler.trustAllCerts">true</stringProp>
          <stringProp name="SMTPSampler.enforceStartTLS">false</stringProp>
          <stringProp name="SMTPSampler.useLocalTrustStore">false</stringProp>
          <stringProp name="SMTPSampler.trustStoreToUse"></stringProp>
          <stringProp name="SMTPSampler.tlsProtocols"></stringProp>
        </MailReaderSampler>

Comment 1 akovtunenko 2020-04-05 13:16:04 UTC

I  set mail.pop3.ssl.enable=true in jmeter.properties and updated trustore seems working for me .   maybe have to add patch

Comment 2 akovtunenko 2020-04-23 16:05:09 UTC

could check if this fix works for you https://github.com/apache/jmeter/pull/583/files ?

Comment 3 akovtunenko 2020-04-23 16:06:12 UTC

could you check if fix https://github.com/apache/jmeter/pull/583 works for you?

Comment 4 akovtunenko 2020-04-23 16:06:41 UTC

could you check if fix https://github.com/apache/jmeter/pull/583 works for you?

Comment 5 Felix Schumacher 2021-01-02 20:11:16 UTC

I think one of the (possible more than one) problems is, that we load a trust-store without a password (LocalTrustStoreSSLSocketFactory). That way, the SSLContext will not have access to any client certs (their private parts) that might be located inside the JKS file.

As JKS is going to be replaced by PKCS12 (or at least advised to be replaced), another addition to supporting a password for the trust-store (and thus making it a trust+key-store) would be to support other formats beside JKS.