Sets an option for sockets.


web.setSocketsOption( option, value );
The option whose value you want to set.
The value of the specified option.

Return Values

Not applicable


The following argument(s) can be parameterized using standard parameterization: option, value.

General Information

The web.setSocketsOption function configures options for sockets on the client machine. This function supports socket-level replay. In the Web HTML protocol, it supports both HTML-based scripts (mode=HTML) and URL-based scripts (mode=HTTP modes). web.setSocketsOption has no effect on replay using WinInet.

To print a list of the supported options, specify the HELP flag with a null string and execute the function. A list of all the available options is displayed in the Output window's Execution log.

For options that enable or disable a feature (such as TRACE_SSL_IO), specify "1" to enable and "0" to disable.

Supported options:
Only allows requests to servers in the list. (see also DISALLOW_HOSTS option). Only use under Sockets. Do not use wildcards or other regular expressions in value.
If server has aborted the connection during reading from the socket, treat it as if the socket has been closed (true by default).
Closes all open connections.
A directory containing a list of Certificate Authority files (in PEM format).
Timeout to wait for useless body. An example would be the body of an HTTP 302 response (Moved Temporarily). The default is 2 seconds.
Ignores all requests to the listed servers. This option is useful for excluding resources that come from external sites. For example, you can use this option to exclude advertisements that are hosted on external servers. Only use under Sockets. Do not use wildcards or other regular expressions in value.
Output information about the available options to the execution log. This is useful during development. Use an empty string ("") for value.
Do not consider server closing the connection prematurely as error (false by default).
INITIAL_AUTHForce sending user credentials with the first request without waiting for HTTP 401. For example, ("INITIAL_AUTH", "NTLM")
Sets the IP address of the client machine to be the nth address on the client machine. This option is useful for IP spoofing. If this option is used, lr.getVuserIp returns the IP set with this call.
Load the certificate file in PEM–format. The file contains a list of Certificate Authorities.
Specifies the maximum number of concurrent connections per host.
Specifies the global maximum number of simultaneous connections per Vuser.
Set the TCP_NODELAY option on the socket – it will prevent the socket from accumulating small buffers to larger ones before sending (false by default).
Prevent starvation from sockets (false by default).
If overlapped send is available, use IBM specific method (false by default). Use when there are retries in the transaction breakdown results an IBM server.
Use the real client host name in NTLM authentication instead of the default 'dummy_host'. Set to "1" to activate. Default is "0".
When set to 0, this option disables the breakdown of the "First buffer" into server and network time. The breakdown remains disabled until you enable it by setting the option's value to 1.
This option is primarily used when encountering the following error: "Error -27740: overlapped transmission of request". Place the following statement web.setSocketsOption("OVERLAPPED_SEND", "0") at the beginning of the script, to prevent this error.
Print information about SSL connections to brief log. Value of zero in quotes ("0") suppresses output. Any other integer (for instance, "1", "–3", and so forth) enables output.
Output a list of IP addresses available on a given machine to the execution log. value is the name of the machine.
PROXY_INITIAL_AUTHForce sending user credentials to proxy server with the first request. For example, ("PROXY_INITIAL_AUTH", "NTLM")
If enabled, send basic authentication to proxy before receiving 407 error. If disabled, send the regular header in the first request. By default, PROXY_INITIAL_BASIC_AUTH is enabled.
Controls how ports are shutdown and disconnected from the TCPIP connection: GRACEFUL (default), FAST, or ABRUPT. See the Shutdown mode Option.
Enable the reuse of ports (currently not supported).

A list of colon–delimited SSL ciphers to use for SSL connections. For the list of ciphers, see the Cipher List.

False by default
The SSL version preference: 2, 3, 2&3, TLS, TLS1.1, TLS1.2, TLS1.3, or AUTO
Note: TLS1.3 and AUTO are supported from VuGen version 12.62.
Uses a strong pseudo–random number generator to generate SSL keys. (disabled by default) Although the standard (non–strong) random number generator is more predictable, it is more efficient.
Warning: This option is not thread–safe.
Specify blocking connect.
Set the TCP send and receive buffer size.
Performs a raw trace of all bits sent through the SSL connection.
Set maximum chunk size for large request body (default is 64*1024 bytes).
Use standard select() instead of responsive select (false by default).
Sets the preferred IP address of client <ip_addr>[:<port>]. This option is useful for IP spoofing.

The USER_IP_ADDRESS setting is supported under WSP.

Cipher List

The suggested ciphers for SSL_CIPHER_LIST are:



  • Some ciphers are not supported by HTTP/2. The cipher suite blacklist can be found in RFC 7540 (Appendix A. TLS 1.2 Cipher Suite Black List).

  • Support for the following ciphers begins from VuGen version 12.62:

    • TLS_AES_128_GCM_SHA256

    • TLS_AES_256_GCM_SHA384

    • TLS_CHACHA20_POLY1305_SHA256

    • TLS_AES_128_CCM_SHA256

    • TLS_AES_128_CCM_8_SHA256

Shutdown mode Option

Some clients and servers do not terminate connections cleanly. The result is that connections may get trapped in wait states during tests, draining networking resources. The following options are provided to solve this problem. The correct choice depends on your system and networking environment.

GRACEFUL (default) – a full shutdown sequence. This is the normal mode of shutdown – a 4–way handshake between the web client and server. If any of the following occur, consider changing to the ABRUPT option:

  • Connections fail during Vuser loading

  • While using the netstat application, many sockets are found to be in the WAIT state

  • The handle count of driver mmdrv rises during the running of the Vusers

  • A "No buffer space available" error message when trying to establish a connection

ABRUPT: a reset packet is sent to the web server causing it to close the connection. Note, however, that servers sometimes do not receive the packet or do not successfully execute cleanup operations. This usually results in dead connections.

FAST: a compromise between GRACEFUL and ABRUPT. A full shutdown sequence is initiated by the web client with a very fast timeout.


/* Use RC4-MD5 cipher for SSL */
web.setSocketsOption("SSL_CIPHER_LIST", "RC4-MD5");

For more options, see the C Language example, Example: web_set_sockets_option