Jmeter Root certification installer for Android?

1
votes

How can I install Root CA Certificate, i.e. an Apache jmeter TemporaryRootCA created in Jmeter bin in Mobile for Android (Native) application? How can I Install that package in Mobile for recording purposes (Script Recorder)?

2
jmeter
Any feedback on answer ? if one is ok, it should be accepted and upvoted. Thank youUBIK LOAD PACK

2 Answers

1
votes

First use JMeter Recording Template Then start JMeter's HTTP(S) Test Script Recorder, it will generate in jmeter/bin folder, a file called ApacheJMeterTemporaryRootCA.crt . Copy file to your android device and install it as CA Certificate. See How do I install a user certificate? thread for more details.

The certificate has limited life time (defaults to 7 days) but you can extend it by setting in user.properties

proxy.cert.validity=Number of days

Now the problem you'll face in Android >= 7.0 is that applications only use by default System installed Certificates.

So you'll need to ask developper of application to modify the APK, see why here.

Edit manifest and add :

android:networkSecurityConfig="@xml/network_security_config"

You'll get:

 <?xml version="1.0" encoding="utf-8"?>
 <manifest ... >
     <application android:networkSecurityConfig="@xml/network_security_config"
                ... >
    ...
     </application>
 </manifest>

Then add in res/xml/network_security_config.xml this:

 <?xml version="1.0" encoding="utf-8"?>
 <network-security-config>  
       <base-config>  
             <trust-anchors>  
                 <!-- Trust preinstalled CAs -->  
                 <certificates src="system" />  
                 <!-- Additionally trust user added CAs -->  
                 <certificates src="user" />  
            </trust-anchors>  
       </base-config>  
 </network-security-config>

Note that this is needed whatever tool you use (Neoload, LoadRunner, ...)

For full details you can read:

0
votes

When you start JMeter's HTTP(S) Test Script Recorder JMeter generates ApacheJMeterTemporaryRootCA.crt in its "bin" folder. The easiest way to get it installed onto Android device is:

  1. Send the certificate to yourself by email from the desktop computer as an attachment
  2. Open the email on the Android device
  3. Click the certificate in the attachment and follow Android instructions to install it

Remember that the certificate has limited life time (it is valid for 7 days) so ensure that it is up-to-date while recording.

See How do I install a user certificate? thread for more details.

Alternative solution would be using a cloud-based proxy service which automates certificate installation process. Moreover you will be able to export recorded requests in "SmartJMX" mode with automatic correlation of the dynamic parameters.