Cannot record with Chrome 58 (Common Name support dropped from SSL certificates)
When Load Tester record a testcase, it impersonates the website – the browser thinks it is talking to the website but it is actually talking to Load Tester’s recording proxy. For this to work with SSL, Load Tester has to provide a certificate that impersonates the website. These are auto-generated on demand and stored within the project workspace.
Starting in version 58, Chrome has dropped support for the Common Name (CN) field in a certificate. In this case, the Common Name field tells the browser what domain name the certificate applies to. This field has been deprecated and replaced by the Subject Alternative Name (SAN) field. Without the SAN field, Chrome 58 will not verify the authenticity of the certificate…instead displaying an error message to the user (NET::ERR_CERT_COMMON_NAME_INVALID).
Starting with version 6.6.14849, Load Tester generates certificates that provide both the SAN and CN fields. These certificates are compatible with Chrome 58 and other browsers that drop support for the CN field in the future.
However, the existing certificates (generated with earlier version of Load Tester) are not valid and must be deleted from the project workspace:
- Locate the folder containing the certificates. Under your home folder, go to Web Performance > .metadata > .plugins > com.webperformanceinc.util > certificates > server5
- delete all the .ks files
- restart Load Tester
Chris Merrill, Chief Engineer