Set and view SSL certificates with Postman
If this topic interests you, check out this related post about SSL certificates.
Secure Sockets Layer (SSL) certificates are a way of authentication for some servers using the SSL encryption protocol. These certificates provide secure, encrypted communications between a client and a server. If you’re submitting sensitive data such as passwords or payment information, these certificates are often used in testing and development environments to provide a layer of security for an API.
If a server requires this type of client authentication, the client is required to send the associated SSL certificate along with any requests. Using the Postman native apps, you can view and set SSL certificates on a per domain basis. If you’re using HTTPS in production, this allows your testing and development environments to mirror your production environment as closely as possible.
When you add a client certificate to the Postman app, you associate a domain with the certificate. This means that for all HTTPS requests sent to this configured domain, the certificate will be sent along with the request.
Once you add a new client certificate, open up the Postman console and send a request to the configured domain. Make sure you’re using https
so the client certificate is sent along with the request. In the console, inspect the certificate that was sent along with the request.
Read more about managing SSL certificates in the native apps, or troubleshooting self-signed SSL certificates in the Postman app.
Where did you get the .crt file and .key file ? I can’t export them in my Chrome browser!
Thank you Joyce, It works for me, Do you know how can I do the same thing with Pentaho data integration?
It would be great to have control over the client-certificate on a per request basis (e.g. use a different client-certificate or none)
We’re tracking that as a feature request here https://github.com/postmanlabs/postman-app-support/issues/2849, please add your use-case there as this helps us prioritize!
Hi ,
I am using a proxy in POSTMAN which listens on port 8500. I have disabled the “ssl verification” but when I connect to my application, it still fails with error message
Got error: Post “https://:8443/api/v2/login”: x509: certificate signed by unknown authority
What am I missing here?
Hi Gururaj, Please contact our support team at [email protected] and they’ll be able to help you.🙂
Does it support the .pfx file?
Hi Joyce, a question. Why the private key is sent along with the client cert? key is supposed not be shared with anyone right? I thought only cert should be set.