Passing Client Certificate with Gatling

Gatling version: 3.9.1
Gatling flavor: scala
Gatling build tool: sbt

Has anyone successfully used a client certificate with Gatling? I am looking to pass a client certificate while executing API requests. We attempted to include the certificate details in the gatling.conf file, but we are currently encountering an error stating, “No trusted certificate found.”

gatling.conf

    ssl {
      keyStore {
        type = "PKCS12"
        file = "body/QA_cl_cert.p12"
        password = "testing@12"
      }
      trustStore {
        type = "JKS"
        file = "body/QA_cl_cert.jks"
        password = "testing@11"
      }
  }

Error:

14:01:53.181 [INFO ] i.g.c.c.i.Injector - All scenarios have finished injecting
14:01:53.197 [DEBUG] i.g.c.c.i.o.OpenWorkload - Start user #1
14:01:53.267 [DEBUG] i.g.h.e.t.HttpTxExecutor - Sending request=Create Order uri=https://*******************: scenario=CreateOrderScenario, userId=1
14:01:53.283 [DEBUG] i.g.h.c.p.ChannelPool - No channel in the pool for key ChannelPoolKey{clientId=1, remoteKey=RemoteKey{targetHostBaseUrl='https://pan******************', virtualHost='null', proxyHost='null', proxyPort=0}}
14:01:53.286 [DEBUG] i.g.h.c.i.DefaultHttpClient - Opening new channel
14:01:53.583 [DEBUG] i.g.h.c.i.DefaultHttpClient - Installing SslHandler for https://*******************
14:01:53.590 [DEBUG] i.n.u.ResourceLeakDetectorFactory - Loaded default ResourceLeakDetector: io.netty.util.ResourceLeakDetector@7395811c
14:01:54.007 [DEBUG] i.n.h.s.ReferenceCountedOpenSslContext - verification of certificate failed
sun.security.validator.ValidatorException: No trusted certificate found
	at java.base/sun.security.validator.SimpleValidator.buildTrustedChain(SimpleValidator.java:416)
	at java.base/sun.security.validator.SimpleValidator.engineValidate(SimpleValidator.java:140)
	at java.base/sun.security.validator.Validator.validate(Validator.java:264)
	at java.base/sun.security.ssl.X509TrustManagerImpl.validate(X509TrustManagerImpl.java:313)
	at java.base/sun.security.ssl.X509TrustManagerImpl.checkTrusted(X509TrustManagerImpl.java:276)
	at java.base/sun.security.ssl.X509TrustManagerImpl.checkServerTrusted(X509TrustManagerImpl.java:141)
	at io.netty.handler.ssl.ReferenceCountedOpenSslClientContext$ExtendedTrustManagerVerifyCallback.verify(ReferenceCountedOpenSslClientContext.java:234)
	at io.netty.handler.ssl.ReferenceCountedOpenSslContext$AbstractCertificateVerifier.verify(ReferenceCountedOpenSslContext.java:779)
	at io.netty.internal.tcnative.CertificateVerifierTask.runTask(CertificateVerifierTask.java:36)
	at io.netty.internal.tcnative.SSLTask.run(SSLTask.java:48)
	at io.netty.internal.tcnative.SSLTask.run(SSLTask.java:42)
	at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.runAndResetNeedTask(ReferenceCountedOpenSslEngine.java:1496)
	at io.netty.handler.ssl.ReferenceCountedOpenSslEngine.access$700(ReferenceCountedOpenSslEngine.java:94)
	at io.netty.handler.ssl.ReferenceCountedOpenSslEngine$TaskDecorator.run(ReferenceCountedOpenSslEngine.java:1471)
	at io.netty.handler.ssl.SslHandler.runDelegatedTasks(SslHandler.java:1558)
	at io.netty.handler.ssl.SslHandler.unwrap(SslHandler.java:1404)
	at io.netty.handler.ssl.SslHandler.decodeJdkCompatible(SslHandler.java:1245)
	at io.netty.handler.ssl.SslHandler.decode(SslHandler.java:1294)
	at io.netty.handler.codec.ByteToMessageDecoder.decodeRemovalReentryProtection(ByteToMessageDecoder.java:529)

Interestingly, the same certificate works perfectly in our Functional Test Automation tool Cypress and Postman, when used there.

You’re using a very old Gatling version. Please upgrade to Gatling 3.13.

I upgraded to Gatling version : 3.13.4 but still the same issue

Well, I doubt there’s an issue on our side as this feature works has been used successfully for a decade by some customers.
There’s a good chance you’re not passing a proper truststore with the cert of your server.

Anyway, we would need a reproducer so we can help.

Seems my ca certificate has some issues. It resolved now. Thanks