Client Certificates
Some web services require a client to have a valid certificate to establish a secure (HTTPS) connection.
When using Internet Explorer or other application such as a .Net client that uses certificates, these are held in certificate stores on the client. They can be viewed using Internet Explorer, Tools, Options, Certificates.
When replicating clients that use client certificates, there are two approaches depending on whether WinInet or OpenSSL is being used for HTTPS.
WinInet
When WinInet is selected for HTTPS on the test group properties, you can specify a client certificate that must exist in a system certificate store using the following data dictionary keys:
CERT_STORE
This should be set to one a certificate store name. The default value is "MY", that contains personal certificates. Other possible values are "Root", "Trust" and "CA".
Example:
setString("CERT_STORE", "CA");
CERT_SUBJ
This contains a string that is expected with the subject fields of the required certificate. It is typically the value of the CN (common Name) field.
Example:
setString("CERT_SUBJ", "www.mysite.com");
CERT_DISPLAY
A boolean data dictionary value. If this is set to "true" then an event log entry will be created containing the value of each subject field encountered in the selected certificate store until a match if found. The subject field contains binary data displayed as in the following example.
0r1.0...U....Created.by.http...www.somesite.com1.0...U.....0...U....www.mysite.com
Example:
setBoolean("CERT_DISPLAY", true);
OpenSSL
Using OpenSSL, the WebBrowserUserScript method, setCertLocation() is used to set a path to a certificate file or a folder containing certificates. See setCertLocation.
These certificates must be in PEM format or other as supported by OpenSSL. For further information, see www.openssl.org.