Tuesday, 22 April 2014

How to identify the SSL protocols and certificates used by a website when testing with LoadRunner.

Understanding the SSL Protocols and certificates used by a website.
Solution -
   
        To identify the type of SSL and certs used on a web server, type the following commands from a Loadrunner client workstation :

  • Go to the Loadrunner/bin directory.
  • Type "openssl", this will then display an >openssl prompt.
  • Type "s_client - connect www.test.com:443" where test.com is your web site.

This will then return details of the web servers SSL configuration.

Other usefull commands to use in LoadRunner Web protocol scripts are as follows:

web_set_sockets_option("SHUTDOWN_MODE", "FAST"); ----->Allows the disconnection of the SSL session to be completed quickly.

web_set_sockets_option("SSL_VERSION", "TLS");
web_set_sockets_option("SSL_CIPHER_LIST", "RC4-MD5");


These options allow the version and cipher for SSL to be specified. Possible versions and ciphers are detailed in the Loadrunner Function Reference.

web_set_sockets_option("TRACE_SSL_IO","1"); ---> This option will detail all SSL IO in the normal vuser log.

web_set_sockets_option("PRINT_SSL_INFO","1");  ---->This option will detail the version and certificate used in the SSL configuration.

web_set_sockets_option("PROXY_INITIAL_BASIC_AUTH","0"); ---->This option disables the initial Basic authentication.

No comments:

Post a Comment