Newman: Providing additionally trusted CA certificate to newman

Created on 17 Oct 2019 · 5Comments · Source: postmanlabs/newman

Hi there,

I am using newman 4.5.5 (and love it - great work!) on Mac, installed via brew.

In newman, there are useful options for providing SSL client certificate and key files when running a collection against a https API, that verifies client certificates. However, there is no option to privide a trusted CA certificate.

This causes issues when testing APIs, that use a self signed server certificate, that thus cannot be verified by newman.

I know, that the --insecure option can be used to disable certificate verification, but in my opinion, this defeats the purpose - newman should be able to verify the server certificate even though it is self signed.

Is there a specific reason, why this functionality is not implemented so far? I had a quick look in the newman code and to mee, it seems, that the extra CA could be passed to the postman-runtime in lib/run/index.js, when the runner.run() function is called. There, the requester options can be set. According to postman-runtime, an extra CA can be provided here.

what do you think? Might this be feasible, or do you perfer to use the --insecureflag?

Cheers
Julian

Source

JulesRenz

👍2

Most helpful comment

--ssl-extra-ca-certs option is added in Newman v4.6.0 🎉

codenirvana on 24 Feb 2020

🎉3 🚀1

All 5 comments

I have same question as JulesRenz. Will this functionality be implemented?

huahua82 on 13 Nov 2019

I would also be very interested in this functionality.

yossarian123 on 20 Nov 2019

I would also like to see this implemented so that Newman has feature parity with Postman. I.e in postman I can add our .pem file, turn on SSL verification, and the self signed cert gets verified.

I also spent far too long assuming that this is what
--ssl-client-cert <path> does but had no luck with that.