Client Certificates

Some web services require a client to have a valid certificate to establish a secure (HTTPS) connection.

When using Internet Explorer or other application such as a .Net client that uses certificates, these are held in certificate stores on the client. They can be viewed using Internet Explorer, Tools, Options, Certificates.

When replicating clients that use client certificates, there are two approaches depending on whether WinInet or OpenSSL is being used for HTTPS.

WinInet

When WinInet is selected for HTTPS on the test group properties, you can specify a client certificate that must exist in a system certificate store using the following data dictionary keys:

CERT_STORE

This should be set to one a certificate store name. The default value is "MY", that contains personal certificates.  Other possible values are "Root", "Trust" and "CA".

Example:

setString("CERT_STORE", "CA");

CERT_SUBJ

This contains a string that is expected with the subject fields of the required certificate. It is typically the value of the CN (common Name) field.

Example:

setString("CERT_SUBJ", "www.mysite.com");

CERT_DISPLAY

A boolean data dictionary value. If this is set to "true" then an event log entry will be created containing the value of each subject field encountered in the selected certificate store until a match if found. The subject field contains binary data displayed as in the following example.

0r1.0...U....Created.by.http...www.somesite.com1.0...U.....0...U....www.mysite.com

Example:

setBoolean("CERT_DISPLAY", true);

You must run the Eggplant Performance injector process as a user that has access to the required certificate stores. This will generally mean starting the injector process from a command line in the context of a user rather than as a service.

OpenSSL

Using OpenSSL, the WebBrowserUserScript method, setCertLocation() is used to set a path to a certificate file or a folder containing certificates. See setCertLocation.

These certificates must be in PEM format or other as supported by OpenSSL. For further information, see www.openssl.org.

 

This topic was last updated on January 13, 2022, at 02:42:23 PM.

Eggplant icon Eggplantsoftware.com | Documentation Home | User Forums | Support | Copyright © 2022 Eggplant