Service Virtualization

Expand all | Collapse all

TLS - Recorder to receive unencrypted traffic, send encrypted traffic to server. Is this possible?

  • 1.  TLS - Recorder to receive unencrypted traffic, send encrypted traffic to server. Is this possible?

    Posted 03-31-2016 04:23 AM

    Hi all.

     

    For a POC coming up, we are stuck in the situation where the Server folk refuse to give out the Private Keychain (or password) but the Client folk are desperate to get DevTest in to help alleviate the constraints with service unavailability.

     

    Would it be possible to get the client to send unencrypted traffic to DevTest, DevTest would then use the public key to encrypt the traffic to Server (and vice versa)?

    This scenario would allow us to prove the service virtualization without needing the private keystore.

     

    Client [unencrypted data] >>> DevTest [encrypted data] >>> Server

     

    Is this possible? If so, does anyone have an example of how this was set up in the recorder?

     

    Kind regards,

    Johan



  • 2.  Re:  TLS - Recorder to receive unencrypted traffic, send encrypted traffic to server. Is this possible?

    Posted 03-31-2016 08:06 AM

    Not sure of the exact words you are using..

     

    if the live connection to your server is https://  you CAN do http:// from the app to DevTest, and then HTTPS to the server.  In DT 8 (never seen prior),

    you check the box on the recorder to 'use ssl to serrver'. (and u can supply the keyfile).. you may have to add a line to the local.properties to get TLS selected first instead of SSLV3.

     

    we have done this multiple times..



  • 3.  Re:  TLS - Recorder to receive unencrypted traffic, send encrypted traffic to server. Is this possible?

    Posted 04-14-2016 05:31 AM

    The problem is that we don't have the keyfile (or password) only a public certificate file.

     

    The requirement has also changed a bit... the customer now wants the following scenario to happen:

    Client (encrypts traffic using a DevTest cert) >>> DevTest decrypts the traffic with its own private key >>> DevTest (reencrypts the traffic with the Server's public key) >>> Server decrypts the message.



  • 4.  Re:  TLS - Recorder to receive unencrypted traffic, send encrypted traffic to server. Is this possible?

    Posted 06-29-2016 07:15 PM

    Hi Johan, have you completed this POC ? i have similar problem where my client send encrypted data to devtest and devtest has to send encrypted response to server .. AES-128 is algorithm used.. could you please let me know if your problem is applicable to this case as well ?



  • 5.  Re:  TLS - Recorder to receive unencrypted traffic, send encrypted traffic to server. Is this possible?

    Posted 07-02-2016 12:14 PM

    Hi

    Could share details please if you have done this POC.. I have got the client private key and included that in devtest keystore and pointed in lisa server local.properties.. still when I see the lisa.vse.request it shows message is not decrypted.. not getting what could be the reason.. do we need anything else get the message decrypted apart from private key usage..