For tlsAuth, we don't have any key pem file with RSA Private key. We have only client authorised certificate. How to bypass the key parameter for tlsAuth?

import http from 'k6/http';

export const options = {
  tlsAuth: [
      domains: [''],
      cert: open('./mycert.pem'),
      key: open('./mycert-key.pem'),  --> I don't have any key file

export default function () {

Hi @Renusri

Welcome to the community forum :wave:

If you only have a client authorized certificate but not the corresponding RSA private key, you won’t be able to use it for TLS authentication with k6. If this is what you are after, a TLS client certificate.

By default and without any special configuration, k6 connects and talks to servers over TLS. That is, when you don’t require mutual TLS, there is no need to use tlsAuth.

TLS authentication requires both a client authorized certificate and its corresponding private key, it’s not a k6-related issue. The private key is used to prove to the server that the client is the legitimate owner of the certificate. Without the private key, the client cannot authenticate itself to the server. You would have the same issue using curl.

If you don’t have the private key, you may need to contact the certificate issuer to obtain it. Once you have the private key, you can use it along with the client authorized certificate in k6’s tlsAuth configuration. I would suggest testing it with curl first, to make sure it’s working.

If you are unable to obtain the private key, you may need to consider alternative authentication methods or use a different endpoint that does not require TLS authentication.

Let me know if I did not interpret your case correctly.