ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

Devtest Recording of an application with SSL.

book

Article ID: 200783

calendar_today

Updated On:

Products

CA Cloud Test Mobile CA Application Test

Issue/Introduction

Notes:

1. This case is for DevTest. Couldn't find CA Application Test in dropdown menu. Please let me know which option I should be selecting & change for this case if needed. Please ignore Release I had to select below. 

2. Please keep [email protected] as first point of contact and Cc me for this issue.

Issue description:

We are trying to do a Devtest Recording of an application with SSL. The certs are not getting verified and We are not able to record the traffic through SSL

We are looking for recording an application with VSE recorder which when hit directly from postman giving 200 Response as attached document.

 

Environment

Release : 10.6

Component : CA Continuous Application Insight

Resolution

Customer is having an issue recording a 2waySSL call which goes through the load balancer.

He are the things support tried:
We validated the 2way SSL REST LIVE call in workstation by configuring the below properties in local.properties and got the valid response.
ssl.client.cert.path=
ssl.client.cert.pass=
ssl.client.key.pass=
ssl.client.alias=
Try to record the call by configuring the REST step to point to the VSE Recorder https://localhost:8001 but can't do it as the call need to go through their load balancer https://LBhost:6001 (1waySSL and has ssl certificate).

This is what support recommended to make it work.

. Added the property https.protocols=TLSv1.2,TLSv1.1,TLSv1. This one is added as we saw some TLS 1.2 handshake errors when we tried to hit the load balancer endpoint and capture transactions in the VSE recorder.

. Commented the below properties in Workstation local.properties which we added to work for live REST call.
#ssl.client.cert.path=
#ssl.client.cert.pass=
#ssl.client.key.pass=
#ssl.client.alias=
. Configured the VSE Recorder to use
- Port: 8001
- Target Host: REST call Live hostname.
- Target Port: 443
- Use SSL to Server: this is configured with client keystore file used for the 2way SSL REST call
- Use SSL to Client: This is configured with the Load balancer Server key store file.
. Configured the REST step to use the Load balancer endpoint https://LBhost:6001 which is in turn going to make a call to VSE Recorder listening on https://localhost:8001. Then executed the REST call and got the valid response.

We also tried making a call from the Postman but it didn't work. Looks like the configuration of TLS version is causing the issue because:

. When live call is made in Workstation by configuring the SSL client properties got the valid response but when try to record it through the load balancer seen the TLS1.2 alerts. May be configuring Postman to use TLS 1.2 and TLSv1 should work but Customer is good recording it from Workstation.

The key in this case was to use the property https.protocols property and open all SSL versions.