If your application under test is accessed over a secure connection,
Silk Performer needs to be configured so that the communication between the client and the server is trusted. This is done with certificates,
where you can chose between the following two approaches:
Micro Focus Certificate Authority (CA) Certificate
The
Micro Focus CA certificate, located at
C:\Program Files\Silk\Silk Performer
20.5\IRCAcert.crt, needs to be installed on the client to establish a secure connection between the client and the server. The according server
certificate, issued by the
Micro Focus Certificate Authority, is located at
C:\Program Files\Silk\Silk Performer
20.5\IRServerCert.pem.
Connection route:
- The client opens a secure connection to the Recorder, which acts as a server.
- The Recorder sends back the
Micro Focus server certificate.
- The client receives the certificate and checks whether it was issued by one of the Trusted Root Authorities (Micro Focus CA certificate). If the check is successful, the secure connection is established.
- The Recorder tries to open a second secure connection to the system under test.
- The system under test sends back its own server certificate.
- The Recorder accepts this certificate and establishes a secure connection to the system under test.
Server Certificates
If you have the server certificate of your system under test, you can specify it in the
Profile Settings to enable secure recording and replay.
Connection route:
- The client opens a secure connection to the Recorder and receives the server certificate that you specified in the
Profile Settings, so the client thinks it is already connected to the system under test.
- The Recorder opens a second secure connection to the system under test.
- The system under test sends back its own server certificate.
- The Recorder accepts this certificate and establishes a connection to the system under test.
Native Mobile Apps
Native apps on mobile devices that communicate over a secure connection often match received server certificates (either the
server certificate from the system under test or the
Micro Focus server certificate) against a specific string, for example a company or domain name. This security approach prevents the
Micro Focus certificate approach from working.