Intive-FDV Blog

Disabling the SSL Certificate in JMeter

When we want to do stress tests, we often need to run our JMeter scripts on multiple servers at the same time. Probably, the infrastructure available isn’t appropriate to run such tests, which results in that we cannot maintain permanent configurations, we are unable to know the servers’ IP beforehand, or we even fail to have JMeter installed in the first place.

I had to deal with this problem once, when I needed to generate a big load. I could run tests from a single server but they would only allow me to generate up to 20.000 requests a minute, when I needed to generate 100.000. With JMeter, it’s relatively easy to do that. I could distribute tests on five servers to reach the desired amount.

Even though using JMeter in distributed mode is quite straightforward, I encountered an obstacle. There are three basic requirements to run tests in distributed mode: having the same version of JMeter in all servers, having the same version of Java in all servers as well, and having a valid keystore to enable RMI (Remote Method Invocation) on SSL (Security Sockets Layer). I had problems meeting this requirement.

But the solution seems quite simple according to this documentation. JMeter has a specific .jks file generator: it’s executed in a server and then distributed to every JMeter program that is in use. That should be it, theoretically. However, when I tried it, I failed. Maybe I wasn’t following the steps right, or maybe there was something else. At the same time, since I was running the tests on Amazon “ephemeral” machines, I had to repeat the process every time. Yes, I know I could have generated an AMI (Amazon Machine Image) of everything I had done, but it didn’t occur to me then.

One way to ignore this is to disable the SSL certificate for RMI, which is quite simple. It probably won’t always be the best solution, but in a controlled environment (as in this case, where all the servers running tests were connected to the same AWS network) it can prove to be a good and fast alternative.

There are two ways of disabling the SSL certificate in JMeter. One is to add a JMeter start-up configuration. You just have to look for the jmeter.properties file and add the code line ‘server.rmi.ssl.disable=true’. This can be done in the server that is controlling the tests as well as in the nodes where they are executed. It’s something pretty easy and simple to do. But I did it differently.

Basically, what I did was to rewrite the SSL certificate property in the commands line. JMeter allows us to rewrite properties of the configuration files at start-up. To do that, you only have to add the following command: ‘J<PropertyToBeRewritten>’. In this case, when putting together nodes in server mode, this is the command I got: ‘jmeter -s -Jserver.rmi.ssl.disable=true’.

It’s necessary to ignore the SSL certificate in the master server as well. It follows the same logic. For example, you can have a command similar to this: ‘jmeter -n -t jmeter.jmx -Rlocalhost -Jserver.rmi.ssl.disable=true’.

Personally, I had trouble understanding a few things and I found JMeter documentation to be a bit confusing. But it was worth the effort because it’s a powerful tool. I hope this has been helpful!

Fernando Lescano

He is one of our Tech Leaders and has been a developer at intive – FDV since March 2015. In the company, he works with technologies like Javascript ( NodeJS, AngularJS, MongoDB, Jquery, etc.), Python (Django), Java and PHP. He also takes part in the Frontend Team. He defines himself as “passionate about software development, but with many other interests”. Since December 2015 he has managed the development and maintenance of Java and of new JavaScript components (AngularJS). He is received a degree as a University Technician with a focus on software development and information technology from the Universidad Provincial de Ezeiza.

Add comment