Secured applications

When the mobile application to record uses a secured connection (HTTPS) to connect to the server, the mobile device sees the NeoLoad recording proxy or the NeoLoad tunnel as a man-in-the-middle attack and refuses the connection. It is necessary to authorize the connection with the proxy or the tunnel to be able to record the traffic. The NeoLoad root certificate must be imported in the device or emulator.

The root certificate is created when NeoLoad is first launched and is named NeoLoad_Root_CA.cer. It can be found in the configuration sub-directory of the user profile directory.

In Windows, the configuration directory is accessible from %appdata%, for example:

  • C:\Users\<username>\AppData\Roaming\Neotys\NeoLoad\v8.2\conf

In Unix/Linux/Mac, the configuration directory is accessible from <$HOME>, for example:

  • /home/<username>/.neotys/NeoLoad/v8.2/conf/

The root certificate must be installed on the emulator or on the mobile device.

  1. Send yourself an email with the certificate attached.

  2. Open the email on the mobile device.

  3. Click on the certificate attachment to install it.

  1. Send yourself an email with the certificate attached.

  2. Open the email on the mobile device.

  3. Click on the certificate attachment to install it.

  4. In the device settings, go to General > About > Certificate Trust Settings.

  5. Enable the "Full trust for root certificate" option for the NeoLoad recorder certificate.

  1. On the computer running NeoLoad, start NeoLoad.

  2. Click Help > Open Logs Folder.

  3. In the displayed window, go to the up directory, then open the conf folder.

  4. Copy the file NeoLoad_Root_CA.cer.

  5. Connect your physical android device via USB.

  6. Paste the file NeoLoad_Root_CA.cer at the root folder of the SD card.

  7. On the Android device, select Settings > Security > Install from SD card.

  8. When you do not have a screen locker configured on your device, configure one with a password, a pattern, or a PIN.

  9. Choose the file NeoLoad_Root_CA.cer

  10. Restart the Android device.

Caution: Since Android 7.0, the recording of native secured applications requires a modification of the APK (Android Application itself).
This is required by Android 7 Nougat New Security Layer: https://android-developers.googleblog.com/2016/07/changes-to-trusted-certificate.html

Note: For Android 7.0 and above, the procedure below must be applied.

  1. Add the the "res/xml/network_security_config.xml" file in the APK of the Android Application with the following content:

    Copy 
    <?xml version="1.0" encoding="utf-8"?>
    <network-security-config>  
          <base-config>  
                <trust-anchors>  
                    <!-- Trust preinstalled CAs -->  
                    <certificates src="system" />  
                    <!-- Additionally trust user added CAs -->  
                    <certificates src="user" />  
               </trust-anchors>  
          </base-config>  
     </network-security-config>

  2. Regenerate and sign the APK.

  3. Install this APK.

  4. This allows the NeoLoad Certificate Authority just added to be usable by the APK.

  1. On the computer running NeoLoad, start NeoLoad.

  2. Click Help > Open Logs Folder.

  3. In the displayed window, go to the up directory, then open the conf folder. For example, on Windows Vista, the folder is C:\Users\<user>\AppData\Roaming\Neotys\Neoload\<version>\conf

  4. Open a command prompt.

  5. Start the Android Emulator.

  6. Type the command cd C:\android-sdk\platform-tools where the Android sdk tools are installed in the C:\android-sdk folder.

  7. Type the following commands to set the permission of the SD card folder:

    Copy 
    adb shell 
    su
    mount -o rw,remount rootfs / 
    chmod 777 /sdcard/
    exit 
    exit

  8. Type the command adb push C:\Users\<user>\AppData\Roaming\Neotys\Neoload\<version>\conf\NeoLoad_Root_CA.cer /sdcard/ by replacing the path C:\Users\<user>\AppData\Roaming\Neotys\Neoload\<version>\conf with the path in step 3.

  9. On the Android Emulator, select Settings > Security > Install from SD card.

  10. When you do not have a screen locker configured on your device, configure one with a password, a pattern, or a PIN.

  11. Choose the file NeoLoad_Root_CA.cer

  12. Restart the Android emulator.

Tip: For other devices, installing the certificate often depends on the mobile vendor policy. For more information, contact your mobile vendor.

Once the certificate is installed, the secured application can be recorded in NeoLoad either:

  • As a browser-based application or a native one in proxy mode.

  • As a native application in tunnel mode.