SEARCH
Showing results for 
Search instead for 
Do you mean 

Conductor Certificate Update

by Community Manager on ‎04-27-2016 04:53 PM - last edited on ‎04-28-2016 02:32 PM by Community Manager

IMPORTANT CLOUDTEST ALERT

 

The certificate for Conductor has expired which will prevent CloudTest users from recording HTTPS sites.  You will get an error as the proxy will be unable to do the recording.  

 

Note: For those of you using iOS or Android, please go to Android and iOS SOASTA SSL Certificates to download the appropriate certificate files and visit the Using a Conductor as a Proxy help article for instructions.

 

For example, in Internet Explorer, it will look like the following:

Screen Shot 2016-04-27 at 4.50.55 PM.png

 

In Google Chrome, it will look like the following:

Screen Shot 2016-04-27 at 4.39.16 PM.png

 

There are two ways to fix this issue:

  1. Upgrade to build 56.22. This build shipped on April 28, 2016.
  2. If you can't upgrade your CloudTest environment, you can download and update the appropriate Conductor for your OS from the following links:

    Once you upgrade your Conductor, you should not try to upgrade again unless you are at build 56.22 or above.

How to Update Your Conductor

 

The steps to update your Conductor are as follows:

  1. Download the updated Conductor from the appropriate link above.
  2. Install the Conductor.  Note that the conductor will install the certificate.
  3. The conductor will ask you to confirm that you will update the certificate.
    Pasted image at 2016_04_27 06_08 PM.png
  4. Enter your user and password, if prompted.
    Pasted image at 2016_04_27 06_08 PM-1.png
  5. If the certificate is not updated, you can manually install as follows:
    1. For IE or the Windows version of Chrome you can find instructions here.
    2. For Firefox, you can follow the instructions here to re-import the certificate.
    3. For Chrome or Safari on Mac, follow the instructions below:

Re-importing your certificate on Chrome or Safari on Mac

 

Note: Normally, you can skip this step. The instructions below are only needed if the automatic certificate import fails.

 

  1. Download the certificate from this article. See attachment below.
  1. Double click on the file to open the Keychain Access.

1.png

 

  1. Delete the existing certificate.

d2.png

 

  1. Go back to Finder, then import the certificate by double-clicking the file that you've downloaded.

3.png

 

  1. Double click the new certificate.

4.png

 

  1. Select Always Trust in the When using this certificate field.

5.png

Comments
by
on ‎06-10-2016 02:47 PM

I found a new one myself and recording is working now. Thank you so much for your help!

Please close the case.

by Reuben
on ‎05-10-2017 01:30 AM

 I am still facing the issue. Now getting an error - net::err_cert weak signature algorithm, which on digging, i was able to concur that the CA was issue MD5 instead of SHA-1. but on further investigation, the SOASTA conductor was issuing SHA-1 and still i am seeing these errors for any HTTPs traffic for that matter. Need to know if this is a known issue

by Community Manager
on ‎05-10-2017 09:33 AM

HI Reuben,

 

Are you recording on windows? 

 

We've updated the conductor to include a new cert and this should resolve the issue you're seeing. 

 

The new conductor is here:

 

https://drive.google.com/file/d/0By_oOO7FbDd8cUVJc0U5bUlHWXM/view?usp=sharing

by Reuben
on ‎05-10-2017 08:18 PM
@Mrunal - thanks its working. Could you give me the specifics as to why the version that i downloaded from the CloudTest tool did not work? I tried it on multiple systems earlier and all i could understand is that the CA was no able to reissue the client's certificate.

 

by Community Manager
on ‎05-11-2017 10:00 PM

@Rueben, Glad you have it working.

 

Chrome recently updated and blacklisted SHA1 ciphers.

 

We've updated the conductor to include a new cert and this resolved the issue you were seeing.