How do I identify the SSL protocols and certificates used by a website when testing with LoadRunner

Cause -Understanding the SSL Protocols and certificates used by a website.
Solution -To identify the type of SSL and certs used on a web server, type the following commands from a Loadrunner client workstation :


  • Go to the Loadrunner/bin directory.
  • Type "openssl", this will then display an >openssl prompt.
  • Type "s_client - connect www.test.com:443" where test.com is your web site.

This will then return details of the web servers SSL configuration.

Other usefull commands to use in LoadRunner Web protocol scripts are as follows:

web_set_sockets_option("SHUTDOWN_MODE", "FAST");Allows the disconnection of the SSL session to be completed quickly.

web_set_sockets_option("SSL_VERSION", "TLS");
web_set_sockets_option("SSL_CIPHER_LIST", "RC4-MD5");
These options allow the version and cipher for SSL to be specified. Possible versions and ciphers are detailed in the Loadrunner Function Reference.

web_set_sockets_option("TRACE_SSL_IO","1");This option will detail all SSL IO in the normal vuser log.

web_set_sockets_option("PRINT_SSL_INFO","1");This option will detail the version and certificate used in the SSL configuration.

web_set_sockets_option("PROXY_INITIAL_BASIC_AUTH","0");This option disables the initial Basic authentication

No comments:

Post a Comment