HSTS site testing with Chrome - CN vs SAN


I’m having some difficulty getting started with Gatling and I believe the issue is that the certificates that Gatling generates in SslUtil createCSR populate the Common Name but not Subject Alternative Name. Since Chrome ignores common names (https://www.thesslstore.com/blog/security-changes-in-chrome-58/) it will not accept the certificate.

Have I got the wrong end of the stick somewhere? Perhaps I’ve misconfigured something along the way and SAN certs would ordinarily be included.

If that is indeed the issue, I’d be happy to have a bash at populating the SAN as well as the CN in that CSR if you have some coding standards knocking around. I’m new to Scala but it doesn’t look like too big a change to me along these lines https://stackoverflow.com/q/34169954.




Which recorder mode do you use? The self signed certificate mode, or the fake certificate authority one?

I was using the fake Certificate Authority mode.

Fixed: https://github.com/gatling/gatling/issues/3753

Thanks for reporting!

Fantastic, thank you!

Apologies, as I mentioned I’m new to Gatling and I’m not quite familiar with your release schedule/process. Is this group the best way to hear when 3.1.3 is released?

Thanks again!

Gatling 3.1.3 will be out beginning of next week.