Hi Team,
I am trying to do stress test on my https site. But it fails with handshake error. I think by default gatling supports https. It works fine with https://google.co.in. Do I need to set some configuration for this. I am new to this.
Thanks in Advance
Regards,
Asreedh
What’s the error/stacktrace exactly?
Which version do you use?
11:36:48.276 [DEBUG] i.g.h.a.AsyncHandler - Request 'Demo Test' failed for user 918894289564419333-90 javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name at sun.security.ssl.ClientHandshaker.handshakeAlert(ClientHandshaker.java:1373) ~[na:1.7.0_65] at sun.security.ssl.SSLEngineImpl.recvAlert(SSLEngineImpl.java:1758) ~[na:1.7.0_65] at sun.security.ssl.SSLEngineImpl.readRecord(SSLEngineImpl.java:1063) ~[na:1.7.0_65] at sun.security.ssl.SSLEngineImpl.readNetRecord(SSLEngineImpl.java:887) ~[na:1.7.0_65] at sun.security.ssl.SSLEngineImpl.unwrap(SSLEngineImpl.java:761) ~[na:1.7.0_65] at javax.net.ssl.SSLEngine.unwrap(SSLEngine.java:624) ~[na:1.7.0_65] at org.jboss.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1282) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.handler.ssl.SslHandler.decode(SslHandler.java:917) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.handler.codec.frame.FrameDecoder.callDecode(FrameDecoder.java:425) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.handler.codec.frame.FrameDecoder.messageReceived(FrameDecoder.java:303) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:268) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.channel.Channels.fireMessageReceived(Channels.java:255) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.channel.socket.nio.NioWorker.read(NioWorker.java:88) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.channel.socket.nio.AbstractNioWorker.process(AbstractNioWorker.java:108) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.channel.socket.nio.AbstractNioSelector.run(AbstractNioSelector.java:318) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.channel.socket.nio.AbstractNioWorker.run(AbstractNioWorker.java:89) ~[netty-3.9.2.Final.jar:na] at org.jboss.netty.channel.socket.nio.NioWorker.run(NioWorker.java:178) ~[netty-3.9.2.Final.jar:na] at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [na:1.7.0_65] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [na:1.7.0_65] at java.lang.Thread.run(Thread.java:745) [na:1.7.0_65] 11:36:48.277 [WARN ] i.g.h.a.AsyncHandlerActor - Request 'Access the Token' failed: javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name 11:36:48.278 [DEBUG] i.g.h.a.AsyncHandlerActor - >>>>>>>>>>>>>>>>>>>>>>>>>> Request: Demo Test: KO javax.net.ssl.SSLProtocolException: handshake alert: unrecognized_name
Version:2.0
Does this happen under load, or even with just one single user?
No. This is happening when trying with single request for a single user
So either you're not hitting a real https website or your https layer is utterly broken.
I had same problem earlier while testing Gatling with one of the servers. I read somewhere in one of the threads that by doing the following, we could fix it. I tried it and it worked.
Add the following line to JAVA_OPTS in gatling.bat or gatling.sh and re-run gatling.
-Djsse.enableSNIExtension=false
Hope this helps.
Thanks,
Umesh
Good catch Umesh.
I’m still wondering if we should disable SNI by default. I mean, the issue is with the server in the first place, with certificates being not properly configured (missing name).
I am not sure, if disabling SNI by default is a good idea. In my case, the server certificate was self-signed, which would have caused this issue. Otherwise, mostly the server certificates are issued by a valid CA. So, keeping SNI enabled definitely makes sense.
Thanks,
Umesh
Actually, you got rejected by SNI not because you used a self-signed certificate, but because it was generated without a name, or with a name that didn’t match the hostname.
I just checked with a proper named self-signed certificate and Gatling works as expected.
Hi Stephane,
I am not quite sure what the problem is in my case then. The URL that I am hitting is a load balancer URL and there are 3 servers behind the load balancer. And all the server host names are present in the certificate (under subject alt name attribute). May be, I should try adding the CA in to the keystore.
Thanks,
Umesh
Hi Umesh.
If you have a “unrecognized_name” error, there’s definitively something fishy on your side, like misconfigured server names or DNS.
Hi Stephane/Umesh,
We are trying to implement Gatling in one of our project and we are getting handshake failure when we are hitting our application.Our application is single signon https application where it takes credentials at the first time only.I tried passing username/pwd in url like https://username:password@url.com but no luck.Please see the exact error below.Any help will be highly appreciated.Thanks in advance!
01:08:10.830 [WARN ] i.g.h.a.ResponseProcessor - Request ‘Home_Page’ failed: j.n
.ConnectException: Received fatal alert: handshake_failure