Secured applications
When the mobile application to record uses a secured connection (HTTPS) to connect to the server, the mobile device sees the NeoLoad recording proxy or the NeoLoad tunnel as a man-in-the-middle attack and refuses the connection. It is necessary to authorize the connection with the proxy or the tunnel to be able to record the traffic. The NeoLoad root certificate must be imported in the device or emulator.
The root certificate is created when NeoLoad is first launched and is named NeoLoad_Root_CA.cer
. It can be found in the configuration sub-directory of the user profile directory.
In Windows, the configuration directory is accessible from %appdata%
, for example:
C:\Users\<username>\AppData\Roaming\Neotys\NeoLoad\v8.2\conf
In Unix/Linux/Mac, the configuration directory is accessible from <$HOME>
, for example:
/home/<username>/.neotys/NeoLoad/v8.2/conf/
The root certificate must be installed on the emulator or on the mobile device.
- To install the root certificate on an iOS device (iPhone, iPad)
- Send yourself an email with the certificate attached.
- Open the email on the mobile device.
- Click on the certificate attachment to install it.
- To install the root certificate on an iOS 11 device (and above)
- Send yourself an email with the certificate attached.
- Open the email on the mobile device.
- Click on the certificate attachment to install it.
- In the device settings, go to General > About >Certificate Trust Settings.
- Enable the "Full trust for root certificate" option for the NeoLoad recorder certificate.
- To install the root certificate on a device on Android 4.0 and above
- On the computer running NeoLoad, start NeoLoad.
- Click Help > Open Logs Folder.
- In the displayed window, go to the up directory, then open the
conf
folder. - Copy the file
NeoLoad_Root_CA.cer
. - Connect your physical android device via USB.
- Paste the file
NeoLoad_Root_CA.cer
at the root folder of the SD card. - On the Android device, select Settings > Security > Install from SD card.
- When you do not have a screen locker configured on your device, configure one with a password, a pattern, or a PIN.
- Choose the file
NeoLoad_Root_CA.cer
- Restart the Android device.
- To install the root certificate on a device on Android 7.0 and above
- Add the the "res/xml/network_security_config.xml" file in the APK of the Android Application with the following content:
<?xml version="1.0" encoding="utf-8"?>
<network-security-config>
<base-config>
<trust-anchors>
<!-- Trust preinstalled CAs -->
<certificates src="system" />
<!-- Additionally trust user added CAs -->
<certificates src="user" />
</trust-anchors>
</base-config>
</network-security-config>
- Regenerate and sign the APK.
- Install this APK.
- This allows the NeoLoad Certificate Authority just added to be usable by the APK.
- To install the root certificate on the emulator for Android 4.0 and above
- On the computer running NeoLoad, start NeoLoad.
- Click Help > Open Logs Folder.
- In the displayed window, go to the up directory, then open the
conf
folder. For example, on Windows Vista, the folder is C:\Users\<user>\AppData\Roaming\Neotys\Neoload\<version>\conf
- Open a command prompt.
- Start the Android Emulator.
- Type the command
cd C:\android-sdk\platform-tools
where the Android sdk tools are installed in the C:\android-sdk
folder. - Type the following commands to set the permission of the SD card folder:
adb shell
su
mount -o rw,remount rootfs /
chmod 777 /sdcard/
exit
exit
- Type the command
adb push C:\Users\<user>\AppData\Roaming\Neotys\Neoload\<version>\conf\NeoLoad_Root_CA.cer /sdcard/
by replacing the path C:\Users\<user>\AppData\Roaming\Neotys\Neoload\<version>\conf
with the path in step 3. - On the Android Emulator, select Settings > Security > Install from SD card.
- When you do not have a screen locker configured on your device, configure one with a password, a pattern, or a PIN.
- Choose the file
NeoLoad_Root_CA.cer
- Restart the Android emulator.
- Tip: For other devices, installing the certificate often depends on the mobile vendor policy. For more information, contact your mobile vendor.
Once the certificate is installed, the secured application can be recorded in NeoLoad:
- as a browser-based application or a native one in proxy mode, or
- as a native application in tunnel mode.