Certificate Authority

[Magnus Jensen]

Reading this post:

https://groups.google.com/forum/#!searchin/gatling/Certificate$20Authority/gatling/YNotvOmg_Q8/LyNe6zeM13QJ

I understan that it is possible for Gatling to create a certificate for you:

You can now use a Certificate Authority (either Gatling's or you own) with the Recorder, so you're no longer asked for Security Exceptions.

But how do I use this functionality?

I pressed the button "Generate CA", but I do not understand where to go further? 

And what will be the next step after this.

Do I need to export the "Gatling CA" to the server I am testing?

[Magnus Jensen]

what kind of functionality is behind the button "generate CA"?

[Stéphane LANDELLE]

I tried to improve the documentation regarding this point: https://github.com/gatling/gatling/issues/2579

If things are still unclear, I suggest to look on the internet for other sources regarding how HTTPS/SSL works and what certificates and certificate authorities are.

Stéphane Landelle

Lead developer

slan...@gatling.io

--
You received this message because you are subscribed to the Google Groups "Gatling User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+u...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[jols]

Hi Magnus, 

Did you figured it out how to deal with the Certificates? If you have time, can you explain how to do that?

Thank you!

[Kirk Wang]

Hi ,

The same issue that I also encounter.

May I know how did you make it work?

Thanks,

Kirk

This message may contain confidential and/or privileged information. 

If you are not the addressee or authorized to receive this on behalf of the addressee you must not use, copy, disclose or take action based on this message or any information herein. 

If you have received this message in error, please advise the sender immediately by reply email and delete this message. Thank you.

[Sébastien BREVET]

Hi!

With a generated CA, the recorder will work as a Man In the Middle (MITM)
While this is a security issue in production, for your own testing purposes, this is fine.
It allows the recorder to decrypt what your server sends to your browser and reencrypt it before sending it to your browser.
This is needed since we cannot get (obviously) the private key from your server.

So, to trust the generated CA is a browser-side configuration.
Usually, you open the website through the recorder (proxy configuration, I guess) and accept the security risk (that you know is needed for your purpose).

Hope this helps!
Cheers!

--

You received this message because you are subscribed to the Google Groups "Gatling User Group" group.
To unsubscribe from this group and stop receiving emails from it, send an email to gatling+u...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/gatling/85309524-0394-4352-85f8-cb0fefefe398n%40googlegroups.com.

--

Sébastien BREVET Backend engineer

sbr...@gatling.io gatling.io