Recorder self-signed certificate crashes on Java 15+

gkandale · November 18, 2022, 5:22pm

Hi, I recently upgraded to the 3.8.4 release of Gatling and I have openjdk@17/17.0.5 installed. When I try to record traffic using gatling3.8.4 recorder I get an exception which I don’t get when I use the recorder in gatling3.5.1

The exception is:

> [ERROR] [11/18/2022 12:18:43.587] [recorder-akka.actor.internal-dispatcher-3] [akka://recorder/user/$a] No provider succeeded to generate a self-signed certificate. See debug log for the root cause.
> java.security.cert.CertificateException: No provider succeeded to generate a self-signed certificate. See debug log for the root cause.
> 	at io.netty.handler.ssl.util.SelfSignedCertificate.<init>(SelfSignedCertificate.java:249)
> 	at io.netty.handler.ssl.util.SelfSignedCertificate.<init>(SelfSignedCertificate.java:166)
> 	at io.netty.handler.ssl.util.SelfSignedCertificate.<init>(SelfSignedCertificate.java:115)
> 	at io.netty.handler.ssl.util.SelfSignedCertificate.<init>(SelfSignedCertificate.java:90)
> 	at io.gatling.recorder.http.ssl.SslServerContext$SelfSignedCertificate$.context$lzycompute(SslServerContext.scala:70)
> 	at io.gatling.recorder.http.ssl.SslServerContext$SelfSignedCertificate$.context(SslServerContext.scala:69)
> 	at io.gatling.recorder.http.ssl.SslServerContext$SelfSignedCertificate$.context(SslServerContext.scala:78)
> 	at io.gatling.recorder.http.ssl.SslServerContext.createSSLEngine(SslServerContext.scala:39)
> 	at io.gatling.recorder.http.ssl.SslServerContext.createSSLEngine$(SslServerContext.scala:38)
> 	at io.gatling.recorder.http.ssl.SslServerContext$SelfSignedCertificate$.createSSLEngine(SslServerContext.scala:67)
> 	at io.gatling.recorder.http.flows.SecuredNoProxyMitmActor.onClientChannelActive(SecuredNoProxyMitmActor.scala:69)
> 	at io.gatling.recorder.http.flows.SecuredMitmActor$$anonfun$2.applyOrElse(SecuredMitmActor.scala:54)
> 	at io.gatling.recorder.http.flows.SecuredMitmActor$$anonfun$2.applyOrElse(SecuredMitmActor.scala:45)
> 	at scala.runtime.AbstractPartialFunction.apply(AbstractPartialFunction.scala:35)
> 	at akka.actor.FSM.processEvent(FSM.scala:851)
> 	at akka.actor.FSM.processEvent$(FSM.scala:848)
> 	at io.gatling.recorder.http.flows.MitmActor.processEvent(MitmActor.scala:57)
> 	at akka.actor.FSM.akka$actor$FSM$$processMsg(FSM.scala:845)
> 	at akka.actor.FSM$$anonfun$receive$1.applyOrElse(FSM.scala:840)
> 	at akka.actor.Actor.aroundReceive(Actor.scala:537)
> 	at akka.actor.Actor.aroundReceive$(Actor.scala:535)
> 	at io.gatling.recorder.http.flows.MitmActor.aroundReceive(MitmActor.scala:57)
> 	at akka.actor.ActorCell.receiveMessage(ActorCell.scala:579)
> 	at akka.actor.ActorCell.invoke(ActorCell.scala:547)
> 	at akka.dispatch.Mailbox.processMailbox(Mailbox.scala:270)
> 	at akka.dispatch.Mailbox.run(Mailbox.scala:231)
> 	at akka.dispatch.Mailbox.exec(Mailbox.scala:243)
> 	at java.base/java.util.concurrent.ForkJoinTask.doExec(ForkJoinTask.java:373)
> 	at java.base/java.util.concurrent.ForkJoinPool$WorkQueue.topLevelExec(ForkJoinPool.java:1182)
> 	at java.base/java.util.concurrent.ForkJoinPool.scan(ForkJoinPool.java:1655)
> 	at java.base/java.util.concurrent.ForkJoinPool.runWorker(ForkJoinPool.java:1622)
> 	at java.base/java.util.concurrent.ForkJoinWorkerThread.run(ForkJoinWorkerThread.java:165)
> 	Suppressed: java.lang.NoClassDefFoundError: org/bouncycastle/jce/provider/BouncyCastleProvider
> 		at io.netty.handler.ssl.util.SelfSignedCertificate.<init>(SelfSignedCertificate.java:240)
> 		... 31 more
> 	Caused by: java.lang.ClassNotFoundException: org.bouncycastle.jce.provider.BouncyCastleProvider
> 		at java.base/jdk.internal.loader.BuiltinClassLoader.loadClass(BuiltinClassLoader.java:641)
> 		at java.base/jdk.internal.loader.ClassLoaders$AppClassLoader.loadClass(ClassLoaders.java:188)
> 		at java.base/java.lang.ClassLoader.loadClass(ClassLoader.java:520)
> 		... 32 more
> Caused by: java.lang.IllegalAccessError: class io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator (in unnamed module @0x4dca0ecd) cannot access class sun.security.x509.X509CertInfo (in module java.base) because module java.base does not export sun.security.x509 to unnamed module @0x4dca0ecd
> 	at io.netty.handler.ssl.util.OpenJdkSelfSignedCertGenerator.generate(OpenJdkSelfSignedCertGenerator.java:52)
> 	at io.netty.handler.ssl.util.SelfSignedCertificate.<init>(SelfSignedCertificate.java:246)
> 	... 31 more

and my recorder configuration is:

As mentioned above I am able to use the recorder with Postman in gatling3.5.1 but cannot in 3.8.4. I’m interested in the Java17 feature of the recorder otherwise I would accept the scala version that gatling3.5.1 creates.

Also, my Postman is setup like this:

-George

slandelle · November 18, 2022, 5:49pm

That’s a bug indeed. But it’s not related to your Gatling version upgrade. It’s related to your Java version upgrade.
See here for more details: Recorder: self-signed certificates don't work with Java 15+ · Issue #4352 · gatling/gatling · GitHub

This will be fixed in the next release.

gkandale · November 18, 2022, 6:35pm

Thank you Stéphane! I appreciate the quick response. I was able to use the Certificate Authority feature in the meantime to get around this issue!

-GK

system · December 18, 2022, 6:35pm

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Error Recording Using Gatling Tool Gatling (Open-Source)	0	120	February 25, 2019
Error While Recording A Scenario Using Gatling Performance Tool Gatling (Open-Source)	4	96	February 26, 2019
Recorder won't start Gatling (Open-Source)	5	91	April 2, 2014
Error in recorder (2.0.0-RC2) Gatling (Open-Source)	6	95	August 21, 2014
When I want to generate the certificate. It is not generate Gatling (Open-Source)	2	318	August 24, 2022

Recorder self-signed certificate crashes on Java 15+

Related Topics