Advanced outgoing proxy configuration in recorder

Hi team,

First, please receive my grateful thanks for this great tool you brought to community, helps a lot ! :slight_smile:

I can’t seem to find if there’s a way to set up an advanced configuration for outgoing proxy for Gatling Recorder.
We are working on building scenarii in a quite complex network context : PAC file is ~2k lines long with ~50 different proxies declared.
As the recorder only accepts a single proxy hostname declaration, we’re unable to effectively record our navigation through the browser.

Next step is obvisouly to build scenarii through HAR conversion but we initially wanted the scenarii building to remain browser-agnostic, which would not be the case anymore.

Thanks for reading, thanks even more if you answer !

Best regards from Rennes,
Alexis.

Hi,

Thanks for your kind words.

We don’t support passing a PAC file (and I’m not aware of any non-browser based user-agent that does, eg Charles Proxy).
I’m afraid HAR export is the way to go.

Cheers,

Hi Stéphane,

Thanks a lot for your answer.
We tried HAR export without much more success : Gatling runner is unable to route HTTP through proxies as declared in our PAC file.
I found William Bailey’s pacproxy which seemed to be the exact tool we need here. Good news is it works like a charm directly on browser ! Less good news is it doesn’t get well along with Gatling recorder.

Status is as following :

  • Browser → pacproxy is now OK with only minor adjustment on PAC file
  • Browser → Gatling recorder → pacproxy can’t seem to get all resources downloaded

Tried tweaking recorder options but nothing fixed the issue.

Would you have a hint on what could possibly cause this weird behavior ?

Thanks in advance.

Best regards,
Alexis.

I found William Bailey's pacproxy
<https://github.com/williambailey/pacproxy> which seemed to be the exact
tool we need here. Good news is it works like a charm directly on browser !

Nice finding!

Less good news is it doesn't get well along with Gatling recorder.

Status is as following :

   - Browser -> pacproxy is now OK with only minor adjustment on PAC file
   - Browser -> Gatling recorder -> pacproxy can't seem to get all
   resources downloaded

Tried tweaking recorder options but nothing fixed the issue.

Would you have a hint on what could possibly cause this weird behavior ?

Sadly, no. I don't have such network architecture at hand so I can
investigate on my side, sorry.
Please share if you figure it out!

Cheers,

*Stéphane Landelle*
*GatlingCorp CEO*
slandelle@gatling.io

Hi there !

Went a bit further in the investigation. :slight_smile:

Issue doesn’t come from pacproxy and Gatling recorder working together, it’s actually about Gatling recorder being detected by Firefox as a man in the middle, whatever the chosen HTTPS mode - which is quite fair, eh ? :slight_smile:
I have to admit this had me dig further than I knew about certificates mechanics and I can’t find any quick solution here.

I’m quite disappointed by Firefox disability to notify user about unloaded resources…
Firebug does provide the information, but you have to activate network view before navigation then click, click, Ctrl-A, copy/paste, enter, add exception for every domain accessed for resources… Just noticed Recorder also does in the secured hosts requiring accepting a certificate which is far quicker to access - thanks !
Looked for a even easier/quicker access/exception through a plugin, didn’t find any. I may think about coding one on my spare time, though it’s quite limited these days :smiley:

Guess we’ll have to choose between converting HAR or manually adding certificate exceptions anyway.

Thanks again for your help regarding this matter, I’ll let you know if that plugin comes out or if I find better way to workaround these pitfalls :wink:

Best regards,
Alexis.

Gatling recorder being detected by Firefox as a man in the middle, whatever the chosen HTTPS mode

No, with fake cert authority mode, your browser should accept the certs that the recorder crafts on the fly.

You mean with Gatling recorder HTTPS mode set to On-the-fly certificate generation and generated CA added to Firefox authority certificates ?
Had great hope in it but still got SSL_ERROR_BAD_CERT_DOMAIN error on page as well as resource loading. :frowning:

I suspect you didn’t import the CA cert in Firefox.

I did, though : after removing it from Authority Certificates repository, got MOZILLA_PKIX_ERROR_V1_CERT_USED_AS_CA error instead.
bad domain feels like the recorder would be generating a certificate with wrong domain name ?

Mmm, maybe the recorder is generating certs against the intermediate proxy domain instead of the target one.
I don’t have time to investigate myself atm, could you please investigate, eg enable ssl debug (-Djavax.net.debug=all).

Well thought : it’s actually pacproxy that causes the recorder to generate bad domain CERT : by removing it I access pages without SSL_ERROR_BAD_CERT_DOMAIN error.
Unfortunately, we need it to redirect requests accordingly to our PAC file…
HAR conversion it will be :slight_smile:

Thanks again for your help here :wink:

Best regards,
Alexis.