[Problem]: I am working with on-premise resources that are not accessible publicly. I am running automation tests with Katalon Runtime Engine (KRE) in Docker, but the Chrome driver and KRE are not recognizing the internal certificates installed on the same VM. I want to make Katalon Studio recognize and trust these internal certificates.
[Solution]: To resolve this issue, I need to add the internal certificates to the Java keystore used by Katalon Studio and configure Katalon Studio to use the updated keystore. Here’s a step-by-step guide:
- Export the internal certificate to a
.cer file format:
I can use the following command to export the certificate:
openssl s_client -connect my_domain:port -showcerts </dev/null 2>/dev/null | openssl x509 -outform PEM > my_certificate.pem
Replace “my_domain” with my internal domain, “port” with the corresponding port number, and “my_certificate.pem” with my desired output file name.
- Add the certificate to the Docker image:
Since I am running KRE in Docker, I need to add the exported certificate file to my Docker image. I can do this by creating a new Dockerfile or modifying an existing one to include the following lines:
COPY my_certificate.pem /path/to/certificates/
Replace “/path/to/certificates/” with the desired directory within the Docker image where I want to store the certificate.
- Locate the Java
Find the Java installation directory used by Katalon Studio within the Docker image. Once I’ve identified the Java version, I can locate the
jre/lib/security/cacerts file within the Java installation directory.
- Import the certificate into the Java keystore:
In the Dockerfile, add a command to import the exported certificate into the Java keystore:
RUN keytool -import -alias my_alias -file /path/to/certificates/my_certificate.pem -keystore path_to_your_cacerts_file -storepass changeit -noprompt
Replace “my_alias” with a unique alias for the certificate, “/path/to/certificates/my_certificate.pem” with the path to the certificate within the Docker image, and “path_to_your_cacerts_file” with the path to the
cacerts file I located earlier.
- Configure Katalon Studio to use the updated keystore:
Add the following JVM options to my
Replace “path_to_your_cacerts_file” with the path to the
cacerts file where I imported the certificate, and “your_keystore_password” with the password for the keystore (by default, it is
- Rebuild the Docker image:
Rebuild the Docker image using the updated Dockerfile. This will include the internal certificate in the Java keystore used by Katalon Studio.
- Re-run my tests:
After completing these steps, Katalon Studio should recognize my internal certificates. I can re-run my tests and check if the issue is resolved.