Special considerations for testing secure web applications

Your ability to test secure web applications depends on the type of authentication that is required.

Testing web applications requires the mobile web recorder. On Android clients, you are prompted to install the mobile web recorder the first time you click Manage Web Applications in the Android client. For iOS, you must download and install the mobile web recorder from the Apple App Store on each device or simulator that you use for testing.

Most web applications use digital certificates to establish a secure connection with a client. In some cases, when you record a test of a web application, the mobile web recorder validates the server certificate automatically, and no action is required on your part. In some other cases, you are prompted to supply a user ID and password to authenticate with the server.

There is also another type of authentication that uses client-side certificates. Currently, this type of authentication is only supported on iOS clients. In this case, you will need to supply the URL for the client-side certificate and provide a password. Doing so decodes the encrypted certificate and lets you start recording.

In addition, there are two other characteristics of authentication that you should know about: