Keystore configuration element in JMeter helps to configure the Client’s side certificate. Some systems require a Client-side certificate which helps the server to know exactly who is connecting.
Before adding a Keystore Configuration element, you must set up a Java Key Store with the client certificates that you want to test. Follow the below steps:
#1 Create your certificates either with Java keytool utility or through your PKI and converting them to a format acceptable by JKS: If you have a PKCS12 file, use the following command line to convert it to a JKS file:
keytool -importkeystore -srckeystore certificate.p12 -srcstoretype PKCS12
-srcstorepass
-keystore -storepass
#2 Changes need to be done in system.properties file (if not available (or commented) then add (or uncomment) them:
javax.net.ssl.keyStore=path_to_keystore
javax.net.ssl.keyStorePassword=password_of_keystore
#3 Change your HTTP sampler implementation to Java (instead of HC3.1 or HC4)
Keystore Configurations:
Preload: This option helps you to choose whether you want preload Keystore or not?
Variable name holding certificate alias: Variable name that will contain the alias to use for authentication by client certificate.
Alias Start Index: The index of the first key to use in Keystore, 0-based
Alias End Index: The index of the last key to use in Keystore, 0-based. When using “Variable name holding certificate alias” ensure it is large enough so that all keys are loaded at startup.