Service Virtualization

  • Private Community

  • 1.  Error While Recording Traffic Over Https

    Posted Sep 01, 2017 02:59 AM

    Hi All,

     

    I am trying to capture the traffic for a website over https but I am not able to do that. 

    Has anyone faced such kind of error. Please tell how to capture the traffic for the same as it will be really helpful.

     

    Thanks in Advance.



  • 2.  Re: Error While Recording Traffic Over Https

    Broadcom Employee
    Posted Sep 01, 2017 11:01 AM

    Hi,

     

    What problems do you see when attempting to make an HTTPS recording?

     

    Also, does the server you're attempting to reach demand client authentication?

     

    --Mike



  • 3.  Re: Error While Recording Traffic Over Https
    Best Answer

    Posted Sep 01, 2017 11:05 AM

    We need more information to help you determine how to resolve your issue because there are a variable number of possible setup issues. You will likely need to check with application developers and/or a security team member to determine if custom certificates are necessary. 

     

    Some of the things you will need to know or potentially configure are:

    - What type of SSL is required between the client and the server?  

    - One-way or client to server

    Do you need a specific, customer-defined/acquired certificate

    - Two-way a.k.a. mutual auth where you need to add a trust store

    - If custom certs in use, you likely need both the client and server certificates. DevTest acts as the client when sending the request to the server endpoint, and DevTest acts as the server when receiving the request from the client.

     

    - Are you using TLS, and if so, did you enable this in DevTest local.properties or via VMOPTIONS

    https.protocols=TLSv1,TLSv1.1,TLSv1.2

     

    - When you started the recorder, did you configure the options needed for SSL 

    - Use SSL to Server

    - Use SSL to Client

    - Provide the default JKS keystore or a custom JKS

     

    Some possible research links that may help get you started are:

    Tech Tips: Getting JAVA Handshake Exception, Remote host connection, Between Servers When Staging a Test Case  

    Tech Tips: Configure 1-way SSL Working with Your Own Single Certificate and use HTTPS TLSv1.2 Communication with DevTest Components 

    How to switch from SSL to TLS certs 

    Help on implementing one-way SSL  

    Of SSL, SNI, Java and DevTest 

     

    One Testing Approach after you configure DevTest:

    If possible,

    - Obtain a valid request payload

    - Set up a DevTest Test Case (REST, WebService XML, etc.) include the necessary payload and HTTP Headers

    - Use the Pro option on the test case and set up custom SSL (JKS, etc.) information, if needed

    - Use the Help menu bar item and select the HTTP/SSL Debug option.

    - Execute the request from DevTest

    - Check the output to see the SSL handshake.

    - Once you are comfortable that SSL is working, go back to the recorder but recognize that you may still have a certificate requirement between the client and the recorder.

    The above steps can assist in figuring out how the SSL works and where the potential problems are.



  • 4.  Re: Error While Recording Traffic Over Https

    Posted Sep 21, 2017 03:41 AM

    Thanks for the solution.