Set and view SSL certificates with Postman


If this topic interests you, check out this related post about SSL certificates.

Secure Sockets Layer (SSL) certificates are a way of authentication for some servers using the SSL encryption protocol. These certificates provide secure, encrypted communications between a client and a server. If you’re submitting sensitive data such as passwords or payment information, these certificates are often used in testing and development environments to provide a layer of security for an API.

If a server requires this type of client authentication, the client is required to send the associated SSL certificate along with any requests. Using the Postman native apps, you can view and set SSL certificates on a per domain basis. If you’re using HTTPS in production, this allows your testing and development environments to mirror your production environment as closely as possible.

When you add a client certificate to the Postman app, you associate a domain with the certificate. This means that for all HTTPS requests sent to this configured domain, the certificate will be sent along with the request.

Once you add a new client certificate, open up the Postman console and send a request to the configured domain. Make sure you’re using https so the client certificate is sent along with the request. In the console, inspect the certificate that was sent along with the request.

Read more about managing SSL certificates in the native apps, or troubleshooting self-signed SSL certificates in the Postman app.


Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.

8 thoughts on “Set and view SSL certificates with Postman

  • Avatar

    Where did you get the .crt file and .key file ? I can’t export them in my Chrome browser!

  • Avatar

    Thank you Joyce, It works for me, Do you know how can I do the same thing with Pentaho data integration?

  • Avatar

    It would be great to have control over the client-certificate on a per request basis (e.g. use a different client-certificate or none)

  • Avatar

    Hi ,
    I am using a proxy in POSTMAN which listens on port 8500. I have disabled the “ssl verification” but when I connect to my application, it still fails with error message
    Got error: Post “https://:8443/api/v2/login”: x509: certificate signed by unknown authority
    What am I missing here?

    • Avatar

      Hi Gururaj, Please contact our support team at and they’ll be able to help you.🙂

  • Avatar

    Does it support the .pfx file?

  • Avatar

    Hi Joyce, a question. Why the private key is sent along with the client cert? key is supposed not be shared with anyone right? I thought only cert should be set.