SSL (Secure Sockets Layer) is the standard security technology for establishing an encrypted link between a web server and a browser. This link ensures that all data passed between the web server and browsers remain private and integral
Networks are serial of course. They handle multiple requests, but serially.
Presumably "concurrent connections" means open sockets - perhaps because you are not sure that the server is keeping them open? Or perhaps because firewall(s) might be dropping requests if limits are exceeded?
If you are not sure which, then if it was me, I would want to check with the actual server rather than a general tool. Since the server application itself could be the problem rather than the network and/or firewalls.
Rather simple to write code to do database (relational) connection testing. Just open connection and do simple do nothing query in a loop. Then wrap that in a loop for multiple connections.
More difficult for modern usage besides database since it is usually ReST (http) because the connection closes after the request. Thus what you really need to do is identify a rest call that takes a while. And really if you cannot do that they you need to put a Rest call in place that does take a while. Perhaps having it do nothing but return ok and have a sleep for 5 seconds or so before it returns to the ok. I will note that you could write http code that would keep the connection open but that is not normal and as such seems suspect to test in the first place.
If you can't control the server then you are going to need to bombard it with requests and that could incorrectly report results for normal firewall rules put into place to prevent DNS attacks.
Any tool of any sort requires understanding, configuration and even some messing about to get it up and running correctly.
Also why a "range of ports". Servers do not typically support more than several ports and functionality and even rules are different. Certainly shouldn't be doing performance testing on an app unless you know what that app does.
Just a warning, 'port scanning' is something that network infrastructures will flag and anomalous behavior and if it was me I would not do that unless I had it in writing (actual paper) from a superior that that is what they wanted done. That can lead to civil and criminal penalties and you want to be protected.
Posting this right here as I belive that this is a generic issue.
Right now if you do app development in most cases you are also code signing the app, using your favorite tool and a private key.
Since February, due to Microsoft adopting a new set of standards, issuers are obliged to deliver the digital certificates on hardware mediums aka USB tokens
Right now if you do app development in most cases you are also code signing the app
Not me. I figure if they have access to the server such that they can replace components then everything is already compromised. Not to mention that if they can do so in a useful manner then I would suspect an inside job as well (which the vast majority of breaches are anyways.)
Server receives a request for a particular client app, based on the request param's server changes the app's resources then code signs it, replying with the final result.
Not sure I understand what that scenario is suggesting.
Code signing involves using a certificate when the code is built (part of the CM build process) to provide security when the application runs. It allows the application to verify resources that it loads, such as a library.
That is a limited scope solution. All that is required is that a local machine (not cloud) is using for the final step of the process before delivery.
Your statement above suggests you are doing something in the normal client message handling scheme. That would be outside the scope of what I laid out.
Now I can see that if you are using a cloud server to do your builds then that would appear to be a problem for normal code signing. But your description would not seem to jive with that.