JMeter issue with javax.net.ssl.SSLProtocolException: Received fatal alert: unexpected_message when testing GCP CloudRun

Question

I am using JMeter to run some POST requests to CloudRun for my API. When I run the process, the POST returns the error:

javax.net.ssl|DEBUG|12|Single Insert 1-1|2022-04-22 17:39:28.479 BST|Alert.java:238|Received alert message (
"Alert": {
  "level"      : "fatal",
  "description": "unexpected_message"
}
)
javax.net.ssl|ERROR|12|Single Insert 1-1|2022-04-22 17:39:28.479 BST|TransportContext.java:363|Fatal (UNEXPECTED_MESSAGE): Received fatal alert: unexpected_message (
"throwable" : {
  javax.net.ssl.SSLProtocolException: Received fatal alert: unexpected_message
    at java.base/sun.security.ssl.Alert.createSSLException(Alert.java:129)
...etc...

I have created a certificate with:

keytool -keystore clientkeystore -genkey -alias client -keyalg RSA

then copied the file clientkeystore under the bin folder and added in the system.properties file:

javax.net.ssl.keyStore=clientkeystore
javax.net.ssl.keyStorePassword=mypassword

but nothing changes when it run versus a GCP/CloudRun instance. Any idea?

Answer 1

If your application requires a client-side certificate you need to get the appropriate one and not to generate a new random one so if this is the case you will need to import the relevant certificate into keystore

keytool -import -alias your-certificate-alias -file /path/to/your/certificate.cer -keystore clientkeystore.p12-storepass mypassword

and change the javax.net.ssl.keyStore to include the file extension:

javax.net.ssl.keyStore=clientkeystore.p12

More information: How to Set Your JMeter Load Test to Use Client Side Certificates

If your application can be accessed by anyone without having to provide the client-side certificate just remove the properties as you don't need them.