
In JMeter, I am facing issues with SSL identification when I try to record the traffic on my mobile application. The error message I am getting is: "Problem with SSL certificate for url for XXXXXXXX Ensure browser is set to accept the JMeter proxy cert: Received fatal alert: certificate_unknown"

I have already tried installing the dummy JMeter certificate on the mobile by referring to this link, but it didn't work.
Some information about my apps:
1) My application is on the http layer, but during the login process it refers to some third-party APIs which are on the https layer.
2) JMeter gets stuck at the page where we refer to Facebook, Twitter and some other third-party plugins, and the error page in JMeter displays "certificate unknown" against each of those plugins.

Experts, please throw some light.

  • Edit your question and add jmeter tag to get more readers to read your question – Ori Marko Dec 18 '17 at 12:52
  • Sure will do, Thank you. – syamgpillai Dec 19 '17 at 08:35
  • Are you using Android Nougat+ OS? If yes... Nougat doesn't allow any proxy certificate for SSL exceptions on non-rooted devices. ref: https://threatpost.com/google-updates-ca-trust-mechanisms-in-android-nougat/119175/ – Yugal Dec 19 '17 at 08:43
  • @Yugal Nope, I tried with Marshmallow and it's a rooted device. It actually reads browser inputs from the mobile, but only after showing the "your connection is not secure" message. – syamgpillai Dec 20 '17 at 10:01
  • Maybe you should revisit the steps to install the JMeter CA certificate. You need to install the CA certificate from the default email client (i.e. Gmail) on the Android device, which needs to be password/pattern protected, and if you succeed in installing it, Android should prompt an alert, i.e. "Network May Be Monitored" – Yugal Dec 26 '17 at 07:15
  • Thanks @Yugal definitely will give a try. – syamgpillai Dec 27 '17 at 08:27

1 Answer

I know this was posted almost 2 years ago, but for those who are seeing this thread, I want to share what helped me solve the same issue: you need to modify the APK to include network_security_config.xml, using tools available if you have the JDK (search for APKTool and KeyTool in your file explorer).

  1. Transfer the APK from your phone to your PC (you can use the android app to locate the APK)
  2. Decompile the APK (APKTool)
  3. Manually Sign the APK (KeyTool)
  4. Compile the APK (APKTool)
  5. Transfer APK to your phone
  6. Install APK on your phone
  7. Follow the steps in Jmeter recording

More info here for editing network_security_config.xml: https://www.ubik-ingenierie.com/blog/how-to-record-android-application-using-https-traffic-jmeter/

More info here for decompiling, signing, recompiling: http://www.decompileandroid.com/

How to Sign an Already Compiled Apk

Alexey Usharovski