If the “curl_loader” tool is used to load test a website that is available through HTTPS (TLS / SSL) and if certificate chain verification is required then you would need to update the source and recompile. Note that curl_loader utilizes libcurl that generally is powered by OpenSSL API. In steps:
- Open the loader.c file
- Search for “SSL_VERIFY_PEER” in loader.c file
- Replace and add the following code:
curl_easy_setopt (handle, CURLOPT_SSL_VERIFYPEER, 1);
curl_easy_setopt (handle, CURLOPT_SSL_VERIFYHOST, 2);
// this is the location of the foile that holds the CA certificate that would be trusted by the underlying curl protocol stack
curl_easy_setopt (handle, CURLOPT_CAINFO, "chain.pem");
// Specify the cipher-suite as an environment variable.
char *cipherString = getenv("CIPHER_STRING");
curl_easy_setopt (handle, CURLOPT_SSL_CIPHER_LIST, cipherString);
And that is it.