Hi Stéphane et team,
I'm currently using Gatling 3.5.1 as clients sending REST requests to a server application that requires mTLS for every connection/request. Using the provided `perUserKeyManagerFactory` function, I managed to set up a KeyStore for mTLS with the following code snippet:

```scala
def simKeyManager(id: Long): javax.net.ssl.KeyManagerFactory = {
  val simKeyStore = new dataKeyStore() // java.security.KeyStore.getInstance("pkcs12")
  simKeyStore.load(confKeyStores)      // keyStore.load(new java.io.FileInputStream(keyFile), keySecret.toCharArray())
  simKeyStore.manager                  // javax.net.ssl.KeyManagerFactory.init(keyStore, keySecret.toCharArray())
}

http
  .baseUrls(confBaseUrls: _*)
  .headers(confHeaders)
  .perUserKeyManagerFactory(simKeyManager(_))
```

Periodically, the server application requires Gatling clients to rotate their keys/certificates. For that, Gatling clients need to perform these operations:
1. Delete existing key/cert from the existing KeyStore
2. Create and add new key/cert into the existing KeyStore
3. Reload the existing KeyStore

My understanding is that the KeyStore is loaded once at the protocol level. Is it possible that it can be reloaded in the scenario at a later time?

Thank you for any guidance/suggestions.
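
The three rotation steps listed in the post, written out as an added example with the plain JDK `java.security.KeyStore` and `javax.net.ssl.KeyManagerFactory` APIs. It is not code from the original post or from Gatling. The object name `KeyStoreRotation`, the file path, the alias and the caller-supplied new key and certificate chain are assumptions, and the same secret protects the store and the key entry, as in the post's comments.

```scala
import java.nio.file.{Files, Path, StandardCopyOption}
import java.security.{KeyStore, PrivateKey}
import java.security.cert.Certificate
import javax.net.ssl.KeyManagerFactory

// Hypothetical helper (not part of Gatling): rotates one key entry in a
// PKCS#12 file and returns a KeyManagerFactory built from the reloaded store.
object KeyStoreRotation {

  private def load(file: Path, secret: Array[Char]): KeyStore = {
    val ks = KeyStore.getInstance("pkcs12")
    val in = Files.newInputStream(file)
    try ks.load(in, secret) finally in.close()
    ks
  }

  def rotate(file: Path, secret: Array[Char], alias: String,
             newKey: PrivateKey, newChain: Array[Certificate]): KeyManagerFactory = {
    val ks = load(file, secret)

    // Step 1: delete the existing key/cert from the existing KeyStore.
    if (ks.containsAlias(alias)) ks.deleteEntry(alias)

    // Step 2: add the new key with its certificate chain (leaf certificate first).
    ks.setKeyEntry(alias, newKey, secret, newChain)

    // Persist through a temp file in the same directory, then move it into
    // place, so a concurrent reader never opens a half-written store.
    val tmp = Files.createTempFile(file.toAbsolutePath.getParent, "ks-", ".tmp")
    val out = Files.newOutputStream(tmp)
    try ks.store(out, secret) finally out.close()
    Files.move(tmp, file, StandardCopyOption.REPLACE_EXISTING, StandardCopyOption.ATOMIC_MOVE)

    // Step 3: reload the store from disk and initialise a fresh factory;
    // the previously returned factory was initialised from the old store.
    val kmf = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm)
    kmf.init(load(file, secret), secret)
    kmf
  }
}
```

The returned factory has the type that the function passed to `perUserKeyManagerFactory` in the post must produce; when that function is invoked is not shown on this page.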