How to setup Gatling to use client certificates per virtual user?

Question

How to setup Gatling to use client certificates per virtual user?

I am preparing Gatling simulations for API that is protected by client certificates and currently I only managed to set using one client certificate for all simulations in Gatling configuration

ssl {
  keyStore {
    #type = ""
    file = "C:/client_certificates/00001.pfx"
    password = "password"
    #algorithm = ""
  }
}

However, I would like to have different client certificates for different virtual users (client certificates can be selected randomly from the list of available client certificates or circularly). Galing documentation mentions keymanagerfactory and perUserKeyManagerFactory function, but without explicit examples of how to use it.

Answer 1

The keys of the config provided in the question are referenced in io.gatling.core.ConfigKeys.ssl.keyStore. The values are read and passed to Ssl.newKeyManagerFactory to create a KeyManagerFactory.

---

perUserKeyManagerFactory takes in a function Long => KeyManagerFactory that constructs the KeyManagerFactory from the virtual user's ID.

---

Knowing that we can write the following:

import io.gatling.commons.util.Ssl

...
.perUserKeyManagerFactory { userId =>
  val fileName = f"C:/client_certificates/$userId%05d.pfx"
  Ssl.newKeyManagerFactory(None, fileName, "password", None)
}

With the f interpolator, we can easily pad the userId with zeros to have 5 digits.

To select the files circularly, we can write ${userId % totalNumber} instead of $userId.