ASM Webdriver cannot get to website

book

Article ID: 194967

calendar_today

Updated On:

Products

CA App Synthetic Monitor NIMSOFT CLOUD USER EXPERIENCE MONITOR DX Application Performance Management

Issue/Introduction

I make a test webdriver script using Katalon recorder. It is a simple test to go to https://portal-abc.mysite.com/csupe?iss=https%3A%2F%2Flogin.serverA.com which will redirect to serverA logon to the application. It works in Katalon but when I upload the script and run it in Webdriver it can not get to the webpage. I also did a test to just go to https://portal-abc.mysite.com which should give you a 404 webpage error but that also errors and said can not find webpage. Is the https://portal-abc.mysite.com site being blocked by ASM?

Environment

Release : 10.1 and later

Component : App Synthetic Monitor

Resolution

Using an HTTPS monitor on the URL https://portal-abc.mysite.com reveals that the server has SSL certificate issues.  You can see this in the logs of the HTTPS monitor as well as an online certificate tester such as https://www.ssllabs.com/ssltest

Basically, the server is not sending the intermediate certificate during SSL handshake.

Here is some important information on Immediate Certificates and why they are needed.

https://knowledge.digicert.com/solution/SO4261

It is not that ASM is auto blocking sites, ASM does not block sites. However, when an HTTPS URL, such as this one, is approached to perform a check, it needs to follow a secure path. Given that the intermediate certificate is missing, it cannot follow the secure path.

To put it simply, if you had access to rooms 1 2 and 3 in a secured government facility and to get to room 3, you first have to go through room 1 and then room 2. You have the credentials for rooms 1 and 3 but not 2. The Government would not allow you into room 2 even if you show your proof of credentials into room 3. Here room 2 is your intermediate certificate.

You would need to get the intermediate certificate installed on your site or use an HTTP URL (one that does not redirect to HTTPS). However, today, HTTP URL's are pretty much phased out.