SSL Protocol TLSv1 problems - Vusers can't connect via SSL
Previously the web portal I was testing with LoadRunner had SSL Protocol SSLv3. Now it has been upgraded to TLSv1, and my Vusers can no longer login to the portal via the SSL connection. The following error occurs when they attempt to login:
"Error -27776: Server <server.domain> shut conection during attempt to ngotiate SSL session [MsgId: MERR-27776]"
I had to switch from Sockets replay mode to WinInet in order for them to login, but WinInet has other problems. Does anyone know how I can get it to work again, i.e. so that Vusers can login with the TLSv1 protocol using Sockets replay mode?
Another question: In WinInet mode, transactions that take too long get a timed out with the following error:
"HTTP Send Request Failed Windows Error Code 12002:
This is a WinInet timeout errror. I believe it may be set to 30 seconds, but I'm not sure. Does anyone know how (if possible) to make the WinInet timeout longer?
Limit the number of connections open from the client to the server To resolve this issue, you can reduce the amount of connections simultaneously opened to a Web server by using the following statement in the script:
It has been found that changing the number of open connections does not cause a significant change in performance. Performance issues are more likely to be caused by other factors such as network congestion at a router/switch/hub than by the number of maximum connections allowed. Also, make sure that Keep-Alive is set to "No." This setting can be found via Run-Time Settings -> Preferences -> Options -> Keep-Alive HTTP Connections.
I am having issues with the TLSv1 authentication too. The VuGen 11 prompts me for the client certificate each time I try to record the Web script.
After the investigation I have made, it became clear that the client certificate is only optional while performing the SSL handshake with the application server. However, the VuGen is not capable of skipping the challenge from the server and MUST have a valid client certificate.
My question is: Did anyone find a way to skip server request for client cerificate and proceed with the handshake?