HTTPS and SSL Certificates

To record HTTPS requests using the Eggplant Proxy Recorder, you must have a root certificate that is installed and trusted.

Problems with Recording

If the root certificate is not installed or trusted, your browser displays messages such as There is a problem with this website's security certificate. You can continue to the website, but any requests sent using HTTPS won't be recorded, and won't be sent when a virtual user runs the generated script. If your System Under Test relies on HTTPS, you must rectify this issue.

HTTPS security error in Internet Explorer

Mozilla Firefox displays This Connection is Untrusted, and Google Chrome displays Cannot connect to the real...

Firefox untrusted connection dialog

SSL error dialog in Chrome

Mozilla Firefox requires extra steps after the root certificate has been installed and trusted.

The Eggplant Proxy Recorder detects when HTTPS traffic is being sent without a valid root certificate. You have the option to install and trust the root certificate.

Root certificate missing dialog

If HTTPS traffic is still being detected, but there is no valid root certificate, the Install/Uninstall root certificate button on the Eggplant Proxy Recorder turns red.

Proxy recorder with HTTPS traffic detected message

Installing and Trusting the Root Certificate

Click Yes on the The root certificate for capturing HTTPS traffic is not installed window, or click Install/Uninstall root certificate on the Eggplant Proxy Recorder.

What happens next depends on any existing root certificates.

Important: The name of the root certificate is Eggplant Performance Proxy Recorder and is to be used with the Eggplant Proxy Recorder. It should not be used for any other purpose.
Note: If you log in to the Eggplant Performance controller as a domain user, the Eggplant Performance Proxy Recorder might experience problems when attempting to write the certificate to the trusted root certificate store when using the following steps. See Domain Policies Restricting Access to the Client's local Certificate Store for more information.

The root certificate is already installed and trusted.

Root certificate installed dialog box

If you click Yes, a message from the Root Certificate Store appears, confirming the deletion of the existing certificate.

Delete root certificate dialog box

The root certificate is already installed but NOT trusted.

Remove untrusted root certificate dialog box

If you click Yes, the untrusted root certificate is removed without the need for confirmation.

Installing and trusting a new root certificate

In every case, a message from the Root Certificate Store appears, confirming the installation of the new root certificate.

Important: The name of the root certificate is Eggplant Performance Proxy Recorder and is to be used with the Eggplant Proxy Recorder. It should not be used for any other purpose.

Proxy recorder install certificate dialog box

Checking the Root Certificate

To check the root certificate:

  1. Click the Start button, then type certmgr.msc to open the Windows Certificates Manager.
  2. In the Certificates tree, expand the Personal folder, then click the Certificates folder.

    Personal certificate manager window

    If the root certificate is not installed, it doesn't appear in this list.

  3. Double-click the Eggplant Performance Proxy Recorder certificate to open the Certificate Properties window.

    If the root certificate is installed and trusted, it appears in the list within Trusted Root Certification Authorities.

    certificate-manager_trusted

Extra Steps for Mozilla Firefox

Perform these steps after the root certificate has already been installed and trusted.

  1. Click the Start button, then type certmgr.msc to open the Windows Certificates Manager.
  2. In the Certificates tree, expand the Trusted Root Certification Authorities folder, then click the Certificates folder.
    Note: If the root certificate is not installed, it will not appear in this list.
  3. Select the Eggplant Performance Proxy Recorder certificate.
  4. On the Action menu, click All Tasks, then click Export.
  5. Export the certificate as a .cer file, and save it to a directory of your choice.
  6. Open the Mozilla Firefox Options window.
    The remaining steps vary depending on the version of Mozilla Firefox you are using.
  7. Click the Advanced tab, then click the Certificates tab.
  8. Click View Certificates. The Certificate Manager window appears:

    Firefox Certificate Manager window

  9. Click Import, and navigate to the .cer file you exported earlier.

    Firefox Download Certificate window

  10. Select Trust this CA to identify websites, then click OK.

    The Eggplant Proxy Recorder can now record HTTPS traffic with Mozilla Firefox.

Solutions to Certificate Problems

The Eggplant Performance Proxy Recorder installs and trusts the root certificate automatically. This automatic step might not work in environments that require a private key to install the certificate. If this problem occurs, you can manually export the proxy certificate from the recorder, then import it into the certificate store.

The Eggplant Performance Proxy Recorder

If you run into a problem, do the following:

  1. Click the Export the Proxy Certificate button on the Eggplant Performance Proxy Recorder to export the proxy certificate.
  2. Select the PFX option if you need to manually install the certificate onto this machine, then click OK.
  3. Click Open to save the file to the default desktop location. Click OK to clear the Root certificate exported successfully message.
  4. Double-click the eggPlantPerformanceRootCertificate.pfx file on your desktop to open the Certificate Import Wizard.
  5. Make sure Current User is selected, then click Next. The File to Import dialog box opens.
  6. Verify that the path and file name point to the eggPlantPerformanceRootCertificate.pfx file on your desktop, then click Next. The Private key protection dialog box opens.
  7. Click Next. The Certificate Store dialog box opens.
  8. Select Place all certificates in the following store, then click Browse. The Select Certificate Store dialog box opens.
  9. Select Trusted Root Certification Authorities, then click OK.
  10. In the Certificate Store dialog box, click Next, then click Finish to complete the certificate import. You should see a message telling you that the import was successful. Click OK to clear that message.

After you complete the above steps, the certificate is properly installed and trusted.

 

This topic was last updated on August 19, 2021, at 03:30:52 PM.

Eggplant icon Eggplantsoftware.com | Documentation Home | User Forums | Support | Copyright © 2022 Eggplant