Gatling version: 3.9.1
Gatling flavor: scala
Gatling build tool: sbt
Has anyone successfully used a client certificate with Gatling? I am looking to pass a client certificate while executing API requests. We attempted to include the certificate details in the gatling.conf file, but we are currently encountering an error stating, “No trusted certificate found.”
gatling.conf
ssl {
keyStore {
type = "PKCS12"
file = "body/QA_cl_cert.p12"
password = "testing@12"
}
trustStore {
type = "JKS"
file = "body/QA_cl_cert.jks"
password = "testing@11"
}
}
Error:
14:01:53.181 [INFO ] i.g.c.c.i.Injector - All scenarios have finished injecting
14:01:53.197 [DEBUG] i.g.c.c.i.o.OpenWorkload - Start user #1
14:01:53.267 [DEBUG] i.g.h.e.t.HttpTxExecutor - Sending request=Create Order uri=https://*******************: scenario=CreateOrderScenario, userId=1
14:01:53.283 [DEBUG] i.g.h.c.p.ChannelPool - No channel in the pool for key ChannelPoolKey{clientId=1, remoteKey=RemoteKey{targetHostBaseUrl='https://pan******************', virtualHost='null', proxyHost='null', proxyPort=0}}
14:01:53.286 [DEBUG] i.g.h.c.i.DefaultHttpClient - Opening new channel
14:01:53.583 [DEBUG] i.g.h.c.i.DefaultHttpClient - Installing SslHandler for https://*******************
14:01:53.590 [DEBUG] i.n.u.ResourceLeakDetectorFactory - Loaded default ResourceLeakDetector: io.netty.util.ResourceLeakDetector@7395811c
14:01:54.007 [DEBUG] i.n.h.s.ReferenceCountedOpenSslContext - verification of certificate failed
sun.security.validator.ValidatorException: No trusted certificate found
at java.base/sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:416)
at java.base/sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:140)
at java.base/sun.security.validator.Validator.validate(Validator.java:264)
at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:276)
at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:141)
at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:234)
at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:779)
at io.netty.internal.tcnative.CertificateVerifierTask.runTask(CertificateVerifierTask.java:36)
at io.netty.internal.tcnative.SSLTask.run(SSLTask.java:48)
at io.netty.internal.tcnative.SSLTask.run(SSLTask.java:42)
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.runAndResetNeedTask(ReferenceCountedOpenSslEngine.java:1496)
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.access$700(ReferenceCountedOpenSslEngine.java:94)
at io.netty.handler.ssl.ReferenceCountedOpenSslEngine$TaskDecorator.run(ReferenceCountedOpenSslEngine.java:1471)
at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1558)
at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1404)
at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1245)
at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1294)
at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529)
Interestingly, the same certificate works perfectly in our Functional Test Automation tool Cypress and Postman, when used there.