Nginx SSL 測試環境 vs WAPT

哈囉~ 大家好!!!

這一節要介紹 Nginx 的 Web Server 測試環境，並且說明如何透過「SSL協定」來錄製 WAPT 的測試腳本做效能測試。

首先稍微介紹一下「Nginx」，可能大家對於這個名詞還蠻陌生的。可能連如何唸這個字，都還是一頭霧水 Nginx 一詞是由 「Engine X 」衍生而來，是由俄羅斯人 Igor Sysoev 所寫的一個 HTTP Web Server 和 Reverse Proxy Server (反向代理伺服器)，目前有部分公司開始採用 Nginx 來取代原有的 Web Server，較出名的有 Wikipedia (英文版維基百科)、Sina 新浪部落、豆瓣等等。

選擇 Nginx 的優點如下：

• 可以處理大量的平行連線數
• 使用較少的記憶體空間
• 支援開放原始碼可提供免費商業用途
• 提供負載平衡機制
• 支援 Rewrite 規則，可同時佈署多台伺服器
• 支援 GZIP 壓縮技術，提高瀏覽速度
• 容易設定、內部監控、穩定度高、支援長時間運作等

介紹完 Nginx 接下來就開始我們這一節的說明，照慣例先來一張圖解大綱：

Step 1: Install Nginx in CentOS 7.0 be a Target Server
Create the nginx.repo file for yum, type the command as below.
# vi /etc/yum.repos.d/nginx.repo


Step 1.1: Copy and paste script as below then save as a file "nginx.repo"

[nginx]

name=nginx repo

baseurl=http://nginx.org/packages/centos/7<depend on version>/$basearch/

gpgcheck=0

enabled=1

Step 1.2: Install Nginx via yum, type the command as below.
#yum install nagix


Step 2: Configuration Nginx to enable HTTPS service
Create a pair of SSL certificates, type the command as below.
#cd /etc/pki/tls/certs


Step 2.1: Make an Access key, type the command as below
#make access.key


Step 2.2: Remove passphrase from private key, type the command as below.
#openssl rsa -in access.key -out access.key

Step 2.3: Make an Access CSR, type the command as below.
#make access.csr


Step 2.4: Generate the private key, type the command as below.
#openssl x509 -in access.csr -out access.crt -req -signkey access.key -days 3650


Step 2.5: Config nginx.conf for HTTPS, type the command as below.
# vi /etc/nginx/nginx.conf


Step 2.6: Copy and paste script as below then save the file "nginx.conf"
## HTTPS server
    server {
        listen       443 ssl;
        server_name  localhost;
        ssl_certificate      /etc/pki/tls/certs/access.crt;
        ssl_certificate_key  /etc/pki/tls/certs/access.key;
        ssl_session_cache    shared:SSL:1m;
        ssl_session_timeout  5m;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers  on;
        location / {
            root   /usr/share/nginx/html;
            index  index.html index.htm;
        }

    }

Step 2.7: Restart Nginx service, type the command as below.

#systemctl restart nginx

Step 3: Enable HTTPS service port 443 in firewall

Type the command as below

#firewall-cmd --add-service=https --permanent

Step 3.1: Restart Firewall service

Type the command as below

#firewall-cmd --reload

Step 4: Verify Nginx HTTPS service
Enter https://<IP> or <hostname> in WAPT web browser.

Step 5: Open WAPT，Click WAPT Pro 3.5

Step 5: New a Scenario

Step 6: Select "Performance Test" then click "Next >"

Step 7: Set the virtual users for the test load spec, this time keep as default then click "Next >"

Step 8: Setting the test duration, this case keep as default then click "Next >" 

Step 9: Tick start recording virtual user profiles then click "Finish"

Step 10: Enter the profile name "Nginx_SSL select browser then click "Parameterization..."

Step 11: Select "HTTPS" then First check "Use client certificate" and select "access.crt" copy from Step 2, Second check "Private key is contained in a separate file" and select "access.key" copy from Step 2 then click "OK"

Step 12: Click "OK"

Step 13: Click "Proceed with recording"

Step 14: Enter "https://10.8.1.8" at Address: then click "Go"


Step 15: Successful to see "Welcome to nginx!" then click "Stop Rec"


Step 16: After this can click "Verify Test" and "Run Test" to run Performance Test with WAPT

Congratulations!!!

經過了漫長的安裝 Nginx 到設定、到創造 SSL Certificate、到設定 Niginx SSL 服務、到WAPT 設定 SSL Certificate、到錄製測試腳本，到最後再執行效能測試，這可以說是一個漫長的說明。

相信經過了這次較詳細說明，各位對於 WAPT 與 HTTPS 之間的測試方法，是不是有了更進一步的瞭解。下次有機會我們再對於 WAPT 上的一些參數設定分節做說明。那這一節就先介紹到這裡。我們下次見~ Bye Bye!!!

~ See you ~

參考出處：
http://www.loadtestingtool.com/help/ui-ssl-settings.shtml
https://www.server-world.info/en/note?os=CentOS_7&p=nginx&f=4