Re: [Webtest] Anyone using Webtest and SSL? - Paul King - com.canoo.lists.webtest

8 messages in com.canoo.lists.webtestRe: [Webtest] Anyone using Webtest an...

From	Sent On	Attachments
Troy McGuire	24 Apr 2006 11:47
Fabian Peters	24 Apr 2006 13:13
Troy McGuire	24 Apr 2006 14:04
Ji Yun Kim	24 Apr 2006 15:11
Paul King	24 Apr 2006 15:16
Richard HALLIER	24 Apr 2006 22:41
Denis N. Antonioli	25 Apr 2006 00:18
Siegfried Goeschl	25 Apr 2006 02:16

Subject:	Re: [Webtest] Anyone using Webtest and SSL?
From:	Paul King (pau...@asert.com.au)
Date:	04/24/2006 03:16:07 PM
List:	com.canoo.lists.webtest

Your webtest tests seem fine. I think it is a problem with the keystore.

Cheers, Paul.

Troy McGuire wrote:

My specific issue, I think, is in regards to creating/using a trusted keystore. I have followed the directions using keytool, but still received errors. Marc Guillemot directed me to:

http://webtest.canoo.com/webtest/reports/selftest/WebTestReport.html#testspec213

So, I copied and pasted portions from that to my script, which appears to be a different implementation of what I already had, but I did get a different error. Prior to making that change the error I was getting was:

*************************** [invoke] INFO (com.canoo.webtest.steps.Step) - Exception thrown from this class: javax.net.ssl.SSLHandshakeException [invoke] INFO (com.canoo.webtest.steps.Step) - Message was: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target ***************************

After pasting/replacing some of the items from the link that Marc gave me I now get the following error:

*************************** [invoke] INFO (com.canoo.webtest.steps.Step) - Running with: Canoo Webtest: R_1274. [invoke] INFO (com.canoo.webtest.steps.Step) - Exception thrown from this class: javax.net.ssl.SSLHandshakeException [invoke] INFO (com.canoo.webtest.steps.Step) - Message was: sun.security.validator.ValidatorException: PKIX path validation failed: java.security.cert.CertPathValidatorException: timestamp check failed ***************************

I've searched the web for the above error, but really didn't find anything that let me know what the issue is. Below are the two versions of my script (before and after the changes I made).

***********Script yielding the first error above**************** <?xml version="1.0"?> <!DOCTYPE project SYSTEM "/usr/local/sbin/canoo_webtest/selftests/config/WebTest.dtd">

<project name="loginpage" basedir="." default="main"> <property name="webtest.connectioninitializer" value="com.canoo.webtest.security.SunJsseBaseConnectionInitializer" /> <property name="webtest.truststore.file" value="trust.keystore" /> <property name="webtest.truststore.passphrase" value="XXXXXX" /> <property name="webtest.home" location="/usr/local/sbin/canoo_webtest" /> <import file="${webtest.home}/lib/taskdef.xml" /> <target name="main"> <webtest name="loginpage"> <config host="secure.customerdb.com" port="443" protocol="https" basepath="admin" summary="true" saveresponse="true" resultpath="results" resultfile="results.xml"/> <steps> <invoke description="Get Login Page" url="index.php" /> <verifyTitle description="Verify Login Page Title" text="Customer :: Database Administration" /> </steps> </webtest> </target> </project> ************************************************************************ ...and for the next/current one.... ***********Script yielding the second error above**************** <?xml version="1.0"?> <!DOCTYPE project SYSTEM "/usr/local/sbin/canoo_webtest/selftests/config/WebTest.dtd">

<project name="tm_loginpage" basedir="." default="main"> <property name="webtest.home" location="/usr/local/sbin/canoo_webtest" /> <import file="${webtest.home}/lib/taskdef.xml" /> <target name="callBaseHttps"> <antcall target="https"> <param name="webtest.port" value="${webtest.ssl.port}"/> <param name="webtest.protocol" value="https"/> <param name="webtest.truststore.file" value="trust.keystore"/> <param name="webtest.truststore.passphrase" value="XXXXXX"/> <param name="webtest.connectioninitializer" value="com.canoo.webtest.security.SunJsseBaseConnectionInitializer"/> <param name="webtest.keystore.alias" value=""/> </antcall> </target> <target name="main"> <webtest name="tm_loginpage"> <config host="secure.customer.com" port="443" protocol="https" basepath="admin" summary="true" resultfile="results.xml"/> <steps> <invoke description="Get Login Page" url="index.php" /> <verifyTitle description="Verify Login Page Title" text="Customer :: Dealer Database Administration" /> </steps> </webtest> </target> </project> ************************************************************************

Thanks for your response!

Troy McGuire troy AT spawnordie DOT com

Fabian Peters wrote:

Am 24.04.2006 um 20:48 schrieb Troy McGuire:

I'm curious as to how many people using Webtest with SSL pages. I've seen a few posts regarding this issue, but it doesn't appear that many people have experience in this area. So far I've been able to use Webtest to verify loading a page (so I know that I have it installed and am using it 'somewhat' correctly), however to test my customer's site I need to login via SSL. Most suggestions that I've seen from this list are usually something like, "I haven't tried this, but it might work for you...". From my research of some different web gui testing tools, this appears to be the better one, but if I can't even test the login I'll have to look at what else is available. Is anyone experienced in this area?

We're using webtest on a site with redirects to an SSL server, an SSL login page and a customer account section that's only accessible via SSL. No problems. Do you have any specific issue?

cheers

Fabian

Thank You,

Troy