Record JMeter script for Mobile App making HTTPS calls

2
votes

I am trying to do performance test using JMeter for a mobile application. My application is secured and makes HTTPS calls. I came across below guide to install a certificate on client side. Can anyone tell me how can I get this certificate? Do I have to buy SSL Certificate and install it on my computer and my android device? Can some one help me to make me understand below guide in plain English? I am successfully able to record and playback when our mobile APP is not Secured i.e. able to make HTTP calls without any troubles. Thanks and any help is appreciated. Also, I am okay to pay for a Training on JMeter who can teach me how to do this. Thanks.

https://www.blazemeter.com/blog/how-set-your-jmeter-load-test-use-client-side-certificates/

1
ssljmeterssl-certificate

1 Answers

2
votes

In order to be able to record the mobile device traffic you need to install JMeter's MITM certificate which will allow JMeter to intercept and decrypt secure requests.

You don't need to buy anything, the certificate is being generated in "bin" folder of your JMeter installation when you start HTTP(S) Test Script Recorder, the file is called ApacheJMeterTemporaryRootCA.crt and this is the certificate you need to install onto your mobile device/emulator in order to be able to record HTTPS traffic.

The instructions differ depending on mobile OS and even OS version, the most painful is capturing traffic on Android >= 7.0, the exact steps can be found in Bypassing Android’s Network Security Configuration and Recording Using Android Devices guides