I wanted to simulate connections to a server from a specific client program. There is two-way authentication between client and server and client uses SSLv3 as ssl protocol. I wanted gatling to behave exactly like the client program and was wondering if we could specify the ssl protocol and ciphers to be supported in gatling. (I am using gatling2.0.0-RC2)
By default gatling was using TLSv1 and when I modified test server to support only SSLv3, gatling was having handshake error. When I relaxed restrictions on ciphers allowed by server, gatling could communicate without handshake errors. I couldn’t find much documentation regarding ssl support for gatling. Any help would be greatly appreciated. Thanks.
Try to add this in Gatling JAVA_OPTS
-Ddeployment.security.SSLv2Hello=false -Ddeployment.security.SSLv3=true -Ddeployment.security.TLSv1=false -Ddeployment.security.TLSv1.1=true -Ddeployment.security.TLSv1.2=true
But u should disable SSLv3 (http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3566)
Thankyou and sorry for the delayed reply. I tried adding this in gatling.sh JAVA_OPTS but gatling was using SSLv3 only when server was made to support just SSLv3 and no other.
I also tried to make all TLSv1.* false in the JAVA_OPTS but didn’t see any change. Did I have to do anything else?
After adding JCE to machine, handshake error with SSLv3 was removed. (server still supports just sslv3)
And thanks for the POODLE tip.