• Forums
    • Public Forums
      • Community Connect
      • Dynatrace
        • Dynatrace Open Q&A
      • Application Monitoring & UEM
        • AppMon & UEM Open Q&A
      • Network Application Monitoring
        • NAM Open Q&A
        • Enterprise Synthetic Monitoring
      • Synthetic Classic
        • Synthetic Classic Open Q&A
  • Home /
  • Public Forums /
  • Synthetic Classic /
  • Synthetic Classic Open Q&A /
avatar image
Question by Igor S. · Oct 16, 2017 at 01:02 PM · scripting recorder synthetic mobile https certificate

Mobile Native Recording and SSL certificates

Hi,

I need to creat scripts to a mobile application for a credit card issuer company. The app is responsible to show users balances and other account administration tasks.

The app uses "certificate pinning" ie, it does not uses the certificates on the device, but its own certificate is hardcoded.

We have tried several ways of recording the traffic of such application with no success.

Is there a solution for recording such a script? This techinique is becoming quite common and I want to know if in the future the only way to creat scripts for such apps would be to manually develop the calls.

Thanks a lot for your help,

Regards,

Comment
Gabriel C.

People who like this

1 Show 0
10 |2000000 characters needed characters left characters exceeded
â–¼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 52.4 MB each and 262.1 MB total.

2 Replies

  • Sort: 
  • Most voted
  • Newest
  • Oldest
avatar image

Answer by Nyna W. · Nov 21, 2017 at 07:26 PM

Hi Igor,

The security implemented in some banking mobile native applications always prevent the Recorder from recording the script. Especially for the HTTPS requests. Manual recording with HTTP Actions is the recommended way. The other way is to record a script to the API used by the app.

Comment

People who like this

0 Show 0 · Share
10 |2000000 characters needed characters left characters exceeded
â–¼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 52.4 MB each and 262.1 MB total.

avatar image

Answer by mark e. · Nov 27, 2017 at 02:10 PM

You will not be able to "record" https traffic from a mobile app that uses certificate pinning. Even the best third-party proxy tools (e.g. Charles Proxy) state that they cannot support this due to fact that they act as man in the middle and its necessary for the server to be able to accept their SSL certificate, not just the one 'hard coded' into the app.


If you are manually trying to create a test using HTTP and custom actions it may be possible to use the Windows Recorder client certificate support to add your application certificate into the script. We essentially take the certificate and 'hard code' it into the script so if you can get a copy of the certificate to import (we support import of .P12 only) it may be possible for a manually scripted test to execute.

Comment

People who like this

0 Show 0 · Share
10 |2000000 characters needed characters left characters exceeded
â–¼
  • Viewable by all users
  • Viewable by moderators
  • Viewable by moderators and the original poster
  • Advanced visibility
Viewable by all users

Up to 10 attachments (including images) can be used with a maximum of 52.4 MB each and 262.1 MB total.

Join the conversation!

First steps in the forum
Community User Guide

LIVE WEBINAR

"Power Demo: Software Intelligence for Cloud Infrastructure"


DECEMBER 12, 10:00 AM GMT / 2:00 PM ET

Register here

Live webinar: Ensuring Digital Business Availability with Dynatrace

Learn how Dynatrace Real User Monitoring automatically detects errors that impact your end users caused by erroneous 3rd party or CDNs.
December 10, 4:00 pm CET / 10:00 am ET
Register here

Live webinar: Ensuring Digital Business Availability with Dynatrace

Learn how Dynatrace Real User Monitoring automatically detects errors that impact your end users caused by erroneous 3rd party or CDNs.
December 10, 4:00 pm CET / 10:00 am ET
Register here

Live webinar: Ensuring Digital Business Availability with Dynatrace

Learn how Dynatrace Real User Monitoring automatically detects errors that impact your end users caused by erroneous 3rd party or CDNs.
December 10, 4:00 pm CET / 10:00 am ET
Register here

Follow this Question

Answers Answers and Comments

19 People are following this question.

avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image avatar image

Related Questions

Hi Experts, Is it possible to record a "drag and drop action" with the window recorder please ? 2 Answers

how to do a drop down sub menu selection 1 Answer

Validate on new element in auto-refreshing page 2 Answers

Can windows recorder test scripts be amended in web recorder? 2 Answers

Recorder not working properly at all! 3 Answers

Forum Tags

configuration summary mobile monitoring tests timeout synthetic monitoring reports flash synthetic mobile guardian synthetic percentile test management w3c web recorder rest api errors dashboard waterfall chart 2017-Q2 release number login retry on error synthetic monitoring private peer monitoring firefox flex sliverlight dynatrace advanced synthetic account windows recorder last mile monitoring interactive charting webinar gomez 2014-Q3-SEP dynatrace recorder speed index high five award backbone load testing community awards ftp chrome private last mile benchmark leapsecond web performance monitoring sms alerts scoe news synthetic sla report portal alerting performance monitoring web services notifications native mobile app reports third party apr-2017 setup tests browser agent april-2017 chart cloud wait perspective report threshold certificate appmon scripting custom action recorder agent custom code https emails
  • Forums
  • Public Forums
    • Community Connect
    • Dynatrace
      • Dynatrace Open Q&A
    • Application Monitoring & UEM
      • AppMon & UEM Open Q&A
    • Network Application Monitoring
      • NAM Open Q&A
      • Enterprise Synthetic Monitoring
    • Synthetic Classic
      • Synthetic Classic Open Q&A