FAQs »

How can I ignore socket errors due to an untrusted TLS/SSL certificate?

If you’re testing a site with a self-signed, expired, or otherwise untrusted certificate, Loadster will complain and refuse to connect to it.

socket error: invalid or untrusted SSL certificate

Most HTTP user agents, including Loadster’s bots, refuse to trust certificates unless they recognize the Certificate Authority (CA) where the certificate originated. This is meant to protect you from “man in the middle” attacks, where an attacker forges a certificate for a site, in an attempt to intercept your traffic.

Of course, if you’re reading this it’s more likely you are testing a development or staging site that doesn’t have an officially signed certificate. In that case you’ll want to trust the certificate anyway.

If you want to override this behavior and trust the certificate anyway, there’s a global setting on your Settings page called Ignore HTTPS errors during playback. Enable it and you should be good to go. Keep in mind that this is a global setting and it affects anyone on your team playing scripts and running load tests.

Again, take precautions if you are testing with sensitive data over HTTPS, since disabling this setting could make you vulnerable to a “man in the middle” attack.

Also, every now and then, a really bizarre certificate surfaces that Loadster is unable to ignore. If you come across one of these, please let us know and we’ll look into it!