Manage certificates using the Certificate Manager

To set up secure communication using TLS (SSL), you need to install a CA certificate, and an SSL certificate issued by that CA, on each LoadRunner Professional machine. It is recommended to manage these certificates using the Certificate Manager. You can also use the command line tools to do so.

Manage certificates using the Certificate Manager

Using the Certificate Manager, you can create or import a CA certificate (or select an existing one), create server/client certificates, and install the certificates on your LoadRunner Professional machines.

  1. Launch the Certificate Manager: In Controller, select Tools > Certificate Manager.

    If you have previously installed CA and TLS certificate with this application, these certificates are displayed. If not, the default LoadRunner Professional certificates are displayed.

  2. Select a CA certificate:

    1. Click the Change button.

    2. On the Select CA Certificate page, select a CA Certificate. If no certificate is displayed in the list, do one of the following:

      Create a new CA certificate Click New and enter the required details in the Create New CA Certificate screen. When finished, click Create. Then select the certificate in the list.

      Tip: To export the CA certificate so that you can install it on other LoadRunner Professional machines, click Export.

      It is recommended to enter a password so that the private key is encrypted when it is exported.
      Import an existing CA certificate

      If you already have a CA certificate in your organization, you can import it:

      1. Click Import.

      2. On the Import a CA Certificate page, click the CA Certificate button and select the CA certificate file.

      3. (Optional) Click the Private Key button and select the private key file for the CA certificate. If you do not provide a private key, you cannot generate new TLS (SSL) certificates using this CA certificate.

        If the private key is encrypted, you must provide the password.

      4. Click Import. The imported certificate appears in the CA Certificates list.

      5. Select the imported certificate.

    3. Click Next. The Select SSL/Intermediate Certificate page opens.

  3. If required, import one or more intermediate CA certificates on the Select SSL/Intermediate Certificate page:
    1. Click Import.
    2. On the Import a Certificate page, click the Certificate button and select the intermediate CA certificate file.

    3. (Optional) Click the Private Key button and select the private key file for the CA certificate. If you do not provide a private key, you cannot generate new TLS (SSL) certificates using this CA certificate.

      If the private key is encrypted, you must provide the password.

    4. Select the newly imported certificate in the list, and click Next. A new Select SSL/Intermediate Certificate of <CA certificate> page opens.

    If you need to add another intermediate CA certificate to the certificate chain, repeat this step as necessary.

  4. Select or create a TLS (SSL) certificate.

    Note: For higher security, it is recommended to create and install a separate certificate for each machine.

    Create a new TLS certificate

    1. On the Select SSL/Intermediate Certificate page, click New to create a new TLS certificate.

      Tip: If you are creating one certificate for all LoadRunner Professional machines, select the TLS certificate and click Export to export the certificate, so that you can install it on other machines.

    2. Click Next. The pre-installation summary page displays a list of the selected certificates.
    Import an existing TLS certificate
    1. On the Select SSL/Intermediate Certificate page, click Import.
    2. Click the Certificate button and select the TLS certificate file.
    3. Click the Private Key button and select the private key file for the TLS certificate. If the private key is encrypted, you must enter the password.
    4. Click Next. The pre-installation summary page displays a list of the selected certificates.

  5. Click Finish. The CA certificate, intermediate certificates (if relevant), and TLS certificate are installed on the current LoadRunner Professional machine.

    After installation, you can click Validate to verify the certificate chain and private key.

  6. Restart the LoadRunner Agent service.

Back to top

Other tools for setting up communication with TLS

You can also use the following tools to set up TLS authentication:

gen_ca_cert and gen_cert command line utilities  
Network and Security Manager command line tool

Automate your certificate setup process with the Network and Security Manager command line tool using the -generate_new_cert option command to create a new TLS certificate.

For details, see Network and Security Manager.

Back to top