1

I am trying to connect from Jmeter to aurora db using ssl connection but its giving error below :

2022-05-02 18:00:10,693 INFO o.a.j.p.h.p.ProxyControl: HTTP(S) Test Script Recorder SSL Proxy will use keys that support embedded 3rd party resources in file C:\Softwares\apache-jmeter-5.1.1\bin\proxyserver.jks
2022-05-02 18:00:10,699 WARN o.j.r.PluginManagerMenuItem: Failed to load plugin updates info
javax.net.ssl.SSLHandshakeException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
  at sun.security.ssl.Alert.createSSLException(Alert.java:131) ~[?:?]
  at sun.security.ssl.TransportContext.fatal(TransportContext.java:352) ~[?:?]
  at sun.security.ssl.TransportContext.fatal(TransportContext.java:295) ~[?:?]
  at sun.security.ssl.TransportContext.fatal(TransportContext.java:290) ~[?:?]
  at sun.security.ssl.CertificateMessage$T13CertificateConsumer.checkServerCerts(CertificateMessage.java:1357) ~[?:?]
  at sun.security.ssl.CertificateMessage$T13CertificateConsumer.onConsumeCertificate(CertificateMessage.java:1232) ~[?:?]
  at sun.security.ssl.CertificateMessage$T13CertificateConsumer.consume(CertificateMessage.java:1175) ~[?:?]
  at sun.security.ssl.SSLHandshake.consume(SSLHandshake.java:392) ~[?:?]

2022-05-02 18:00:21,018 INFO o.a.j.u.SSLManager: KeyStore created OK
2022-05-02 18:00:21,102 ERROR o.a.j.u.SSLManager: Problem loading keystore: No key(s) found
java.io.IOException: No key(s) found
  at org.apache.jmeter.util.keystore.JmeterKeyStore.load(JmeterKeyStore.java:153) ~[ApacheJMeter_core.jar:5.1.1 r1855137]
  at org.apache.jmeter.util.SSLManager.getKeyStore(SSLManager.java:132) [ApacheJMeter_core.jar:5.1.1 r1855137]
  at org.apache.jmeter.util.SSLManager.configureKeystore(SSLManager.java:290) [ApacheJMeter_core.jar:5.1.1 r1855137]
  at org.apache.jmeter.config.KeystoreConfig.testStarted(KeystoreConfig.java:99) [ApacheJMeter_components.jar:5.1.1 r1855137]

I have created one keystore with root certificate for connecting to aurora db and it has that certificate and below is the config for that in system.properties :

   javax.net.ssl.keyStore=proxyserver.jks
   javax.net.ssl.keyStorePassword=storepass
   javax.net.ssl.keyStoreProvider=SUN
   javax.net.ssl.keyStoreType=PKCS12

Please suggest what am I missing in this..

Pracheer Pancholi
  • 570
  • 2
  • 7
  • 21
  • To connect to a server that uses a cert from a non-'standard' CA (such as an in-house generated one), you must provide the root or anchor cert for the server's cert in your **trustStore (not keyStore)**. keyStore is used only to authenticate the _client_ to the server, and in that case it must have a privatekey associated, which yours doesn't hence the "No key(s) found". – dave_thompson_085 May 02 '22 at 19:41
  • That's not the issue as same thing is working with mysql workbench and squirrel .. – Pracheer Pancholi May 05 '22 at 15:29

1 Answers1

0

The error is not connected with Aurora DB by any means, it is about JMeter Plugins Manager being not able to connect to its default repo address of https://jmeter-plugins.org/repo/ securely most probably because:

  1. You're behind a corporate proxy
  2. Your company uses MITM certificate to decrypt and inspect HTTPS traffic from/to your machine

If you want particularly this problem to go away you either need to change jpgc.repo.address JMeter Property to http://jmeter-plugins.org/repo/ or import your company's MITM certificate into a Java truststore and pointing JMeter to use this truststore via javax.net.ssl.trustStore and javax.net.ssl.trustStorePassword System Properties.

More information:

Dmitri T
  • 159,985
  • 5
  • 83
  • 133
  • So the issue is with mysql-connector-java jar version was bit old which was not supporting aurora db. After using mysql-connector-java-8.0.23.jar I am able to connect to the aurora mysql db from jmeter... – Pracheer Pancholi May 05 '22 at 15:31