5

I'm testing an internal website and on playback I'm seeing this error:

POST /Ex_ACO_EI/Details/2433: 'SSLError(MaxRetryError("HTTPSConnectionPool(host=\'examiner-stage.site.com\', port=443): Max retries exceeded with url: /Ex_ACO_EI/Details/24 33 (Caused by SSLError(SSLCertVerificationError(1, \'[SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1056)\')))"))'

I'm using PyCharm for my IDE.

Any ideas would be greatly appreciated.

webprogrammer
  • 2,393
  • 3
  • 21
  • 27
Michael Johnson
  • 95
  • 1
  • 7
  • Hi! Are you using HttpLocust or FastHttpLocust? – Cyberwiz Feb 20 '20 at 09:46
  • HttpLocust. I was thinking about trying out FastHttpLocust. I see the issue with any site I try playing back against within our network. I'm going to try the suggestion of 'disabling SSL verification' as soon I can figure out how to do that and then try FastHttpLocust. – Michael Johnson Feb 21 '20 at 16:50
  • FastHttpLocust has SSL verification disabled by default, so if you use that then you dont need to disable it! – Cyberwiz Feb 21 '20 at 19:19
  • 1
    Disabling the SSL with putting in code: verify=False, in the self.client.post worked. In working with FastHttpLocust I could tell it would work but in using 'Transformer' utility to convert .har files to .py files I see path errors when trying to run it. – Michael Johnson Feb 25 '20 at 21:22

1 Answers1

0

A quick hack is always disable SSL verification ( on python requests lib if you use the default HTTPLocust).

To fix it properly, you need to validate that server cert again . May be intermediate certificate is missing ? You can try 

openssl s_client -connect yoursite:443

And see what wrong with it.

tofuguru
  • 41
  • 1
  • I need to install openssl and then I can run the command to see what's up with the site. Also, the same issue happens with all internal sites I've attempted playback with. It's weird because I've not seen this issue with using several other load testing tools. – Michael Johnson Feb 21 '20 at 16:55
  • Almost all of our web sites have NTLM Authentication and I need to pass the NTLM Auth. Posted on github: https://github.com/locustio/locust/issues/417 github was this resolution with passing NTIL information with domain.crt. – Michael Johnson Mar 18 '20 at 19:27
  • from requests_ntlm import HttpNtlmAuth from locust.clients import HttpSession class UserBehaviour(TaskSet): def on_start(self): """ on_start is called when a Locust start before any task is scheduled """ self.login() # end on_start def login(self): """use NTLM authentication""" self.client.auth = HttpNtlmAuth('DOMAIN\\USERID', 'PASSWORD') self.client.get("/") # end login @task(1) def index(self): self.client.get("/") – Michael Johnson Mar 18 '20 at 19:31