I want to use JMeter to simulate the TLS handshake process

Question

I want to modify each step in the TLS handshake process to test whether my tls server meets the specifications. For example, I want to use JMeter to simulate the first "client_hello" request of TLS, and I can customize the content of the parameters in the TLS protocol in JMeter. For example, I can set the "version" value to "aaabbb", and deliberately fail the negotiation . Any good ideas? handshake process

have a look at this thread, it might have with your case: https://stackoverflow.com/questions/39841364/how-to-setup-jmeter-tcp-sampler-with-ssl-tls — Parth Mehta, Dec 09 '19 at 13:45

score 0 · Answer 1 · answered Dec 09 '19 at 14:37

As per SSL Encryption chapter of JMeter User Manual

The JMeter HTTP samplers are configured to accept all certificates, whether trusted or not, regardless of validity periods, etc. This is to allow the maximum flexibility in testing servers.

Therefore if you need to validate the TLS handshake you will need to manually script the connection logic including low-level transport settings using Apache HttpComponents using JSR223 Sampler and Groovy language

Example code:

def sslContext = org.apache.http.conn.ssl.SSLContexts.custom().useTLS().build()

String [] protocols = ['aaabbb']

def f = new org.apache.http.conn.ssl.SSLConnectionSocketFactory(sslContext, protocols, null, org.apache.http.conn.ssl.SSLConnectionSocketFactory.BROWSER_COMPATIBLE_HOSTNAME_VERIFIER)

def client = org.apache.http.impl.client.HttpClients.custom().setSSLSocketFactory(f).build();

def get = new org.apache.http.client.methods.HttpGet('https://example.com')

client.execute(get)

Demo:

I want to use JMeter to simulate the TLS handshake process

1 Answers1