无法捕获HTTPS请求-移动性能测试 [英] Not able to capture HTTPS request - mobile performance testing

问题描述

Android TAB和JMeter用于捕获/记录应用程序流.但是，HTTPS请求并未在JMeter中捕获.我关闭了Jmeter并启用了Charles Proxy，然后再次进行了录制.在Charles中记录了相同的应用程序流之后，我接受了所有HTTPS请求并将其放置在Jmeter中.因为进行了两次录制，所以花费了更长的时间.

Android TAB and JMeter is being used to capture/ Record the application flow. But the HTTPS reqests are not capturing in JMeter. I turned off Jmeter and enabled Charles Proxy and did the recording again. After recording the same application flow in Charles I took all the HTTPS requests and placing in Jmeter. It took longer time because am doing the recording twice.

还有其他方法可以通过JMETER捕获HTTPS通信吗?

Is there any other way to capture the HTTPS traffic via JMETER?

感谢您的帮助并分享您的建议.

Apprecaite your help and share your suggestions.

关于， 西瓦

推荐答案

首次使用JMeter记录模板 然后启动JMeter的 HTTP(S)测试脚本记录器，将在jmeter/bin文件夹中生成一个名为ApacheJMeterTemporaryRootCA.crt的文件. 将文件复制到您的android设备，然后将其作为CA证书安装. 请参阅如何我应该安装用户证书吗?线程以获取更多详细信息.

First use JMeter Recording Template Then start JMeter's HTTP(S) Test Script Recorder, it will generate in jmeter/bin folder, a file called ApacheJMeterTemporaryRootCA.crt . Copy file to your android device and install it as CA Certificate. See How do I install a user certificate? thread for more details.

证书的有效期有限(默认为7天)，但是您可以通过在user.properties中进行设置来延长该证书

The certificate has limited life time (defaults to 7 days) but you can extend it by setting in user.properties

proxy.cert.validity =天数

proxy.cert.validity=Number of days

现在您将在Android> = 7.0中遇到的问题是，应用程序默认情况下仅使用系统安装的证书.

Now the problem you'll face in Android >= 7.0 is that applications only use by default System installed Certificates.

因此，您需要询问应用程序的开发人员来修改APK，看看为什么这里.

So you'll need to ask developper of application to modify the APK, see why here.

编辑清单并添加:

android:networkSecurityConfig ="@ xml/network_security_config"

android:networkSecurityConfig="@xml/network_security_config"

您将获得:

...

...

然后在res/xml/network_security_config.xml中添加以下内容:

Then add in res/xml/network_security_config.xml this:

 <?xml version="1.0" encoding="utf-8"?>
 <network-security-config>  
       <base-config>  
             <trust-anchors>  
                 <!-- Trust preinstalled CAs -->  
                 <certificates src="system" />  
                 <!-- Additionally trust user added CAs -->  
                 <certificates src="user" />  
            </trust-anchors>  
       </base-config>  
 </network-security-config>

请注意，无论您使用什么工具(Neoload，LoadRunner等)，都需要使用该工具

Note that this is needed whatever tool you use (Neoload, LoadRunner, ...)

这篇关于无法捕获HTTPS请求-移动性能测试的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！