The HTTPS stress testing you don't know
2022-05-15 03:22:15【Alibaba cloud native】
Author: tidy up one's dress upon leaving
Introduction
As Internet security standards have become widespread, using HTTPS to encrypt communication and provide trusted access to websites and apps has become a recognized security standard. This article introduces the key points of stress testing the HTTPS protocol, and the technical advantages and best practices of using PTS for HTTPS stress testing.
Websites and apps typically need stress testing in 3 kinds of scenarios:
- Before a newly developed system or feature goes online, you need to know its performance and capacity level.
- When the system is technically tuned or scaled out, its performance before and after is compared through stress testing.
- The system's performance is evaluated before it takes part in platform campaigns.
What is HTTPS
The full English name of HTTPS is Hyper Text Transfer Protocol over Secure Socket Layer; it is a security-oriented HTTP channel. As the full name suggests, it is not really a new application-layer protocol: the HTTP communication interface simply uses SSL in place of TCP. In the HTTP protocol, the application layer (HTTP) communicates directly with the transport layer (TCP); in the HTTPS protocol, the application layer (HTTP) communicates with SSL, and SSL then communicates with the transport layer (TCP), as shown in the figure:
HTTPS encrypts traffic at the SSL layer, which prevents the website from being tampered with or hijacked. Let's take a brief look at how HTTPS encrypts and decrypts:
First, the client and server negotiate the encryption algorithm and protocol version. After the negotiation, the server sends its public key to the client. Once the client has the public key, it generates a random secret string (the Pre-master secret), encrypts it with the public key, and returns it to the server. The server decrypts the ciphertext with its private key to obtain the Pre-master secret, and then, using the negotiated random numbers and encryption algorithm, generates the symmetric encryption key. At this point both sides hold the same key, which is used for symmetric encryption and decryption from then on.
Symmetric encryption performs better, but anyone who holds the key can decrypt intercepted ciphertext, so on its own it cannot solve the hijacking problem. Asymmetric encryption is relatively more secure, but the performance overhead of encryption and decryption is large. HTTPS therefore uses asymmetric encryption in the handshake phase and symmetric encryption in the subsequent communication, which ensures security while maximizing performance.
Key points of HTTPS stress testing
SSL handshake strategy
The HTTPS handshake phase involves encryption and decryption, so it consumes more computing resources than HTTP. When a stress testing engine executes requests to simulate a large number of users, its underlying layer often reuses TCP connections and SSL handshake information at the global or thread level. This improves the performance of the load generator, but in scenarios where each loop is meant to simulate a different client, the load generator simulates enough traffic pressure without simulating enough SSL handshake computing pressure, which can make the simulated load inaccurate, as shown in the figure below:
Therefore, in HTTPS stress testing, specify whether each loop resets the SSL handshake state according to the business logic of the test scenario, so that the SSL handshake computing pressure is simulated accurately.
SSL protocol version
In HTTPS stress testing, in the first step of the SSL handshake between the client (the load generator) and the server, the client tells the server the highest SSL protocol version it supports. The server then takes the highest version in the intersection of its own supported versions and the versions supported by the client as the actual SSL version.
During a stress test, we need to evaluate which version real clients mainly use and configure it on the stress testing engine. This avoids inaccurate simulation of SSL handshake computing pressure caused by differing SSL versions.
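As an added example (not from the original article and not PTS code), the Python below captures the ClientHello that a client pinned to a given version range would send, reads the versions it offers, and applies the selection rule described above. The hostname `loadtest.example`, the function names and the server's version set are assumptions made for illustration; no network connection is made.

```python
import ssl
import struct

TLS12, TLS13 = 0x0303, 0x0304  # wire values of the protocol versions

def client_hello(min_v, max_v):
    """Raw first flight of a client restricted to [min_v, max_v]; no network used."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version, ctx.maximum_version = min_v, max_v
    incoming, outgoing = ssl.MemoryBIO(), ssl.MemoryBIO()
    tls = ctx.wrap_bio(incoming, outgoing, server_hostname="loadtest.example")
    try:
        tls.do_handshake()
    except ssl.SSLWantReadError:
        pass  # expected: nothing answers, we only want the ClientHello
    return outgoing.read()

def advertised_versions(record):
    """Versions offered by a ClientHello record, highest first."""
    if len(record) < 44 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS ClientHello")
    legacy = struct.unpack_from("!H", record, 9)[0]
    pos = 43                                              # past headers, version, random
    pos += 1 + record[pos]                                # session_id
    pos += 2 + struct.unpack_from("!H", record, pos)[0]   # cipher_suites
    pos += 1 + record[pos]                                # compression_methods
    end = pos + 2 + struct.unpack_from("!H", record, pos)[0]
    pos += 2
    while pos + 4 <= end:
        ext_type, ext_len = struct.unpack_from("!HH", record, pos)
        if ext_type == 43:                                # supported_versions
            count = record[pos + 4] // 2
            return sorted(struct.unpack_from(f"!{count}H", record, pos + 5), reverse=True)
        pos += 4 + ext_len
    return [legacy]  # pre-1.3 hello: only the client's maximum is stated

def negotiate(offer, server_versions):
    """Highest version in the intersection, or None if the handshake would fail."""
    common = set(offer) & set(server_versions)
    return max(common) if common else None

if __name__ == "__main__":
    V = ssl.TLSVersion
    for lo, hi in [(V.TLSv1_2, V.TLSv1_2), (V.TLSv1_2, V.TLSv1_3), (V.TLSv1_3, V.TLSv1_3)]:
        offer = advertised_versions(client_hello(lo, hi))
        picked = negotiate(offer, {TLS12, TLS13})  # constructed server: TLS 1.2 and 1.3
        print(f"client {lo.name}..{hi.name}: offers {[hex(v) for v in offer]}, server picks {hex(picked)}")
```

A load generator pinned to TLSv1.2 against a server that also accepts TLSv1.3 exercises the TLSv1.2 handshake only, which is why the configured version should match what real clients send.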
Why PTS: advantages of PTS for HTTPS stress testing
Open source stress testing tools such as JMeter, Gatling and K6 support HTTPS to different degrees. JMeter [1] supports configuring whether each loop resets the SSL handshake state and supports configuring the client SSL protocol version, but does not support the HTTP2 protocol by default. Gatling [2] shares the SSL context among virtual users by default and does not support controlling whether a loop resets the SSL handshake state. K6 [3] currently only supports setting the SSL protocol version.
As a cloud stress testing tool, PTS supports the following HTTPS-related features:
- HTTP2 support: HTTP2 offers better performance than HTTP1.1, and mainstream browsers now support the HTTP2 protocol. To simulate a real client, using the HTTP2 protocol is recommended.
- Configurable SSL handshake strategy: you can configure whether each loop resets the SSL handshake state, and choose whether to reset according to the business scenario.
- Support for specifying the SSL protocol version
Stress testing with PTS simulates client-initiated HTTPS pressure more realistically and makes the test results more reliable.
How to: using PTS for HTTPS stress testing
Setting the SSL handshake strategy
For HTTPS stress testing, you need to choose whether the SSL connection state is reset on each loop of the serial link. If you choose to reset, the SSL state is reinitialized every time a loop of the serial link executes. This simulates more accurately a test scenario in which each loop represents a different user, but it also adds some performance overhead on the load generator.
Usage scenarios
Scenario one: in an HTTPS stress test, you want to simulate 100 users logging in and then have those 100 users access the system repeatedly. In this case each loop of the serial link simulates the behavior of the same virtual user. The switch should be set to "no", with the concurrency set to 100.
Scenario two: in an HTTPS stress test, you want to simulate 100 different users accessing the system at every moment over 5 minutes. In this case each loop of the serial link simulates the behavior of a different virtual user. To keep the simulated pressure realistic, the switch should be set to "yes", with the concurrency set to 100. Because turning on this switch adds performance overhead on the load generator, it is also recommended to increase the number of load generator IPs.
Setting the SSL protocol version
The SSL version support of some common browsers is listed here for your reference:
As can be seen, mainstream browsers all added support for TLSv1.3 around 2018~2020. Therefore, if the clients simulated by your stress test scenario are relatively new, I suggest you choose TLSv1.3 as the SSL version; conversely, if your stress test scenario needs to simulate old browser clients, I suggest you choose TLSv1.2 as the SSL version.
How to record HTTPS traffic
Every stress testing tool provides a proxy-based traffic recording tool, which makes it convenient to record client traffic and quickly build a stress test script. To record the HTTPS protocol, besides configuring the proxy you also need to trust a certificate, which makes the operation complicated.
PTS provides a certificate-free recording solution: a browser plug-in that quickly records HTTPS traffic, decrypts it and converts it into a PTS stress test scenario, and also supports exporting it as a JMeter script. You are welcome to download [4] and use it; refer to the documentation [5] for detailed operation.
For recording mobile traffic, PTS also provides 2 options: cloud-hosted real devices and local devices. The cloud-hosted real devices come with the PTS proxy configuration preset and let you operate the phone in the browser and record traffic without configuring a proxy or certificates; refer to the documentation [6] for detailed operation.
Summary
To sum up, this article mainly covers:
- What HTTPS is
- Points to note in HTTPS stress testing
- How to use PTS for HTTPS stress testing
For further discussion, you are welcome to join the DingTalk group. PTS user group number: 11774967
In addition, new PTS purchase options are here: the price of the basic edition has dropped 50%! One million concurrency for just 6200! There is also a 0.99 trial edition for new users and a VPC-exclusive stress testing edition. Welcome to buy!
References
[1] JMeter (official documentation):
[2] Gatling (official documentation):
https://gatling.io/docs/gatling/reference/current/http/ssl/
[3] K6:
https://k6.io/docs/using-k6/options/#tls-version
[4] Download (PTS HTTPS recorder plug-in):
[5] Documentation (PTS recorder documentation, Chrome browser scenario):
https://help.aliyun.com/document_detail/187749.html
[6] Documentation (PTS recorder documentation, Android mobile scenario):
https://help.aliyun.com/document_detail/72519.html
[7] PTS HTTPS settings documentation:
https://help.aliyun.com/document_detail/143194.html
copyright notice
author[Alibaba cloud native],Please bring the original link to reprint, thank you.
https://en.qdmana.com/2022/132/202205112033221254.html