Certificate Authentication

Applies to LoadComplete 4.97, last modified on May 20, 2019

Some websites use certificate authentication to provide visitors with access to resources. That is, only those clients are allowed to connect that have the appropriate security certificate. You can use LoadComplete to create and run load tests for such web sites. See below for details.

1. Get Security Certificates

You can purchase security certificates from some Certificate Authority, or you can generate certificates yourself. You will need root, server and client certificates. If you decide to create certificates yourself, you can use tools like makecert and pvk2pfx, or keytool. For complete information, please see the documentation on these tools.

The further steps assume that you have the certificate files to be installed.

2. Configure Your Website to Use Certificate Authentication

  1. Configure your web server to use certificate authentication, and

  2. Install the root and server certificates on your server computer.

The way you do this depends on the web server you use. Please refer to your web sever documentation.

3. Install Client Security Certificates

Now you need to install the client certificate on the computer where you will create and run LoadComplete tests. The LoadComplete recorder and runner use certificates that are installed in the Windows Certificate Store:

  1. Open the Windows Management Console. To do this, for example, type mmc in the command-line box.

  2. In the Console window, select File > Add/Remove Snap-in from the main menu, and in the subsequent dialog add Certificates to the Console:

    Web load testing with LoadComplete: Configuring Certificate Authentication. Adding the Certificates item to Windows Console

    Click the image to enlarge it.

    You will need to select the certificate type to manage.

  3. Select Computer account and click OK. LoadComplete uses certificates that are installed at the computer level:

    Web load testing with LoadComplete: Configuring Certificate Authentication. Selecting the Computer Account certificate type

    Click Next.

  4. On the next page of the wizard, select Local computer and then click Finish:

    Web load testing with LoadComplete: Configuring Certificate Authentication. The second page of the wizard

    The Console window will display the certificates installed on your local computer.

  5. Install the client certificate to the Trusted Root Certification Authorities group. To do this, simply right-click the group and select All Tasks > Import from the context menu:

    Web load testing with LoadComplete: Install client security certificate

    Click the image to enlarge it.

Install the Certificate on Remote Agent Machines

Important: If you use remote computers to simulate virtual users, the client certificate must be installed on all those computers as well.

Install PFX Certificates

If your tested web server uses PFX certificates, you can configure your project to copy the certificates to remote computers automatically:

  1. Place your client certificate file in a location where LoadComplete can access it.

  2. In your LoadComplete project, create a variable of the File type and configure it to retrieve data from the certificate file:

    Create a File variable to store certificate data

    Click the image to enlarge it.

  3. Open the Authentication page of your project and add a new entry to it:

    • In the Server column, enter the name of your tested web server.

    • In the Login/Certificate column, specify the variable that stores your certificate file, in the @Var_Name format:

      Specify the variable that stores the certificate data

      Click the image to enlarge it.

    • In the Password column, enter a password for your certificate.

  4. When you run your test that simulates virtual users on remote computers, LoadComplete will retrieve the certificate data from the specified file and install the certificate on the remote computers. If you use Amazon cloud computers, LoadComplete will install the certificate on them. After the test run is over, LoadComplete will delete the installed certificate.

    If a client certificate is already installed on a remote computer, LoadComplete will overwrite it. After the test run is over, LoadComplete will delete it.

Install Certificates of Other Types

If your tested web server uses non-PFX certificates, install client certificates on all remote computers where you simulate virtual users manually, as it is described above.

If you use Amazon cloud computers, install your certificate on a machine image and then use that machine image to create cloud machine instances.

See Also

Authentication Support

Highlight search results