Hello, I’ve been beating my head against the wall. TL;DR is that for some reason Gatling will not send, to my understanding, the client cert at all.
- Project is a gatling-maven-plugin project
- Client cert is signed by an internal CA
- Enabling -Djavax.net.debug=all for gatling-maven-plugin reveals a ton of SSL information and from what I can glean it doesn’t send my cert
- If I purposely put in the wrong password OR bad file name, the gatling.conf is read and an exception is thrown.
- Based on the nature of the infrastructure the server will NOT reject due to no client cert but rather the application will have permission/entitlement issues and respond with error when not present
- My Scala skills are weak
My project structure below:
`<?xml version="1.0" encoding="UTF-8"?>
#fetchedCssCacheMaxCapacity = 200 # Cache size for CSS parsed content, set to 0 to disable
#fetchedHtmlCacheMaxCapacity = 200 # Cache size for HTML parsed content, set to 0 to disable
#perUserCacheMaxCapacity = 200 # Per virtual user cache size, set to 0 to disable
#warmUpUrl = “http://gatling.io” # The URL to use to warm-up the HTTP stack (blank means disabled)
#enableGA = true # Very light Google Analytics, please support
type = “jks” # Type of SSLContext’s TrustManagers store
file = “EATMCertsKeystore.jks” # Location of SSLContext’s TrustManagers store
password = “XXXX” # Password for SSLContext’s TrustManagers store
#algorithm = “” # Algorithm used by SSLContext’s TrustManagers store
#type = “jks” # Type of SSLContext’s KeyManagers store
#file = “XXXX” # Location of SSLContext’s KeyManagers store
#password = “XXX” # Password for SSLContext’s KeyManagers store
#algorithm = “” # Algorithm used SSLContext’s KeyManagers store
#keepAlive = true # Allow pooling HTTP connections (keep-alive header automatically added)
#connectTimeout = 10000 # Timeout when establishing a connection
#handshakeTimeout = 10000 # Timeout when performing TLS hashshake
#pooledConnectionIdleTimeout = 60000 # Timeout when a connection stays unused in the pool
#readTimeout = 60000 # Timeout when a used connection stays idle
#maxRetry = 2 # Number of times that a request should be tried again
#requestTimeout = 60000 # Timeout of the requests
acceptAnyCertificate = true # When set to true, doesn’t validate SSL certificates
Is there some sort of standard regarding the JKS file that isn’t well documented that will eliminate gatling from sending it?
Is there any sort of real GitHub project with test JKS that one could pull apart to suss out the differences and flaws in their own project?
Is there any sort of debug information I should be looking for as to why the cert is not being sent?
What else can I do to get unblocked? What information can I provide?