Bug 64253 - MailReaderSampler with SSL authentication
Summary: MailReaderSampler with SSL authentication
Status: NEW
Alias: None
Product: JMeter
Classification: Unclassified
Component: Main (show other bugs)
Version: 5.2.1
Hardware: PC All
: P2 critical (vote)
Target Milestone: JMETER_5.3.0
Assignee: JMeter issues mailing list
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2020-03-21 10:22 UTC by Tobias
Modified: 2021-01-02 20:11 UTC (History)
0 users



Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Tobias 2020-03-21 10:22:46 UTC
The issue is regarding MailReaderSampler with SSL authentication enabled on server side. In Wireshark I see a lot of handshake failed messages, because Jmeter is sending back a SSL "Certificate" message with a zero length certificate.



        <MailReaderSampler guiclass="MailReaderSamplerGui" testclass="MailReaderSampler" testname="POP3 Sampler Port 995 " enabled="true">
          <stringProp name="host_type">pop3s</stringProp>
          <stringProp name="folder">INBOX</stringProp>
          <stringProp name="host">xx.xx.xx.xx</stringProp>
          <stringProp name="port">995</stringProp>
          <stringProp name="username">praxis.dr.moritz.nullmayr${__threadNum}@tsi.komle.telematik-test</stringProp>
          <stringProp name="password">gematik123</stringProp>
          <stringProp name="num_messages">10</stringProp>
          <boolProp name="delete">false</boolProp>
          <stringProp name="SMTPSampler.useSSL">true</stringProp>
          <stringProp name="SMTPSampler.useStartTLS">false</stringProp>
          <stringProp name="SMTPSampler.trustAllCerts">true</stringProp>
          <stringProp name="SMTPSampler.enforceStartTLS">false</stringProp>
          <stringProp name="SMTPSampler.useLocalTrustStore">false</stringProp>
          <stringProp name="SMTPSampler.trustStoreToUse"></stringProp>
          <stringProp name="SMTPSampler.tlsProtocols"></stringProp>
        </MailReaderSampler>
Comment 1 akovtunenko 2020-04-05 13:16:04 UTC
I  set mail.pop3.ssl.enable=true in jmeter.properties and updated trustore seems working for me .   maybe have to add patch
Comment 2 akovtunenko 2020-04-23 16:05:09 UTC
could check if this fix works for you https://github.com/apache/jmeter/pull/583/files ?
Comment 3 akovtunenko 2020-04-23 16:06:12 UTC
could you check if fix https://github.com/apache/jmeter/pull/583 works for you?
Comment 4 akovtunenko 2020-04-23 16:06:41 UTC
could you check if fix https://github.com/apache/jmeter/pull/583 works for you?
Comment 5 Felix Schumacher 2021-01-02 20:11:16 UTC
I think one of the (possible more than one) problems is, that we load a trust-store without a password (LocalTrustStoreSSLSocketFactory). That way, the SSLContext will not have access to any client certs (their private parts) that might be located inside the JKS file.

As JKS is going to be replaced by PKCS12 (or at least advised to be replaced), another addition to supporting a password for the trust-store (and thus making it a trust+key-store) would be to support other formats beside JKS.