Maven Canoo WebTest SSL for Rookies

Either it is a peace of cake or nobody is using SSL for testing. If you fall in between, i.e. you have hardly ever heard about the keytool and still want to use SSL, then this is for you.

I got Canoo Webtest working with SSL and Basic Authentication on Microsoft Information Server. Using a client certificate instead of Basic Authentication requires some programming according to Dierk Koenig from Canoo Inc.

Install the JSSE

To enable SSL support in Java 1.3.x you need to download JSSE. Here you get the files "jcert.jar", "jnet.jar", "jsse.jar".

Copy them to the maven-webtest-x-y\plugin-resources\lib directory.

Get the Server Certificate

The server certificate can be downloaded by clicking at the "key lock" icon at Internet Explorer while having a SSL connection. The icon is locatetd at the very bottom at the right. The ceritifcate dialogs open and at "Details" you can click "Copy to File". Here you export the server certificate as DER encoded X.509 certificate. I'm using the name "pvpfsw2kweb.cer" for this example

Create your Server Keystore

We need a keystore containing the server certificate of the server you want to test. No certificate - no connection.

You create the "trust.keystore" with

keytool -import -storepass together -file pvpfsw2kweb.cer -keystore trust.keystore -alias pvpfsw2kweb

Confused?! We create a keystore with the name "trust.keystore" protected with the password "together". Into this keystore we import the certificate "pvpfsw2kweb.cer" with the alias "pvpfsw2kweb".

Now you have a keystore with the name "trust.keystore" with exactly one server certificate.

Tell Canoo Webtest about it

Canoo Webtest needs to know that you are going to use SSL. You have to define the following properties at the start of your webtest script.

Property Value Desc
webtest.connectioninitializer Tell Canoo Webtest to instantiate SSL connections
webtest.truststore.file webtest/certs/trust.keystore Tell Canoo Webtest where to look for server certificates

Now tell Canoo Webtest about using HTPPS and the port 443 in the config element.

Try it ...

Run your script and hope that everything works fine ... otherwise your are in for a long night in the office.

You can save your weekend if you test SSL and Basic Authentication with your browser. If this fails you have a server problem - maybe you can convince the admin that this is his/her problem and go home.

There is the possibility to turn on diagnostic debugging for the SSL connection ... checkout the JSSE documentation.