JMeter and HTTPS
Making HTTPS Requests
JMeter can make HTTPS requests - just create an HTTP Request Sampler, and set the protocol to https (instead of blank). You will need at least Java 1.4 for this; or you will need to download the JSSE jar(s) from Sun.
Problems With Invalid SSL Server Certificates
Currently, when JMeter 2.2.1 makes SSL requests to a webserver with an expired SSL certificate installed, the SSL requests fail with 'CertificateExpiredException'. Using an valid SSL server certificate fixes the problem. However, since expired certs are often used on internal test servers, it is preferable JMeter be given the ability to ignore certificate validity, as requested by [http://issues.apache.org/bugzilla/show_bug.cgi?id=39279 JMeter Bugzilla entry 39279]
Recording HTTPS
The JMeter proxy can record HTTP requests, but it cannot record HTTPS, because the data is already encrypted by the time it reaches the JMeter proxy. If the proxy could decrypt it, it would not be very secure ...
So, what are the options for generating test plans using HTTPS?
- just create the requests manually.
- if your server supports it, record the session using HTTP, and then change the default to HTTPS
use a browser add-on that can record the requests before they are encrypted. Check for [https://addons.mozilla.org/?application=firefox Firefox extensions]; or for IE, check out [https://www.badboy.com.au/ BadBoy]