How to provide passphrase in SSL/TLS certificates

According to this doc: https://k6.io/docs/using-k6/protocols/ssl-tls/ssl-tls-client-certificates

The object contains

{
  tlsAuth: [
    {
      domains: ["example.com"],
      cert: open("./mycert.pem"),
      key: open("./mycert-key.pem")
    }
  ]
}

But there is no option to send passphrase. Private keys that need passphrase won’t work with the above configuration.

How do provide a passphrase along with the certificate paths?
Basically I am trying to send the following configuration that I have in Postman

Hi, welcome to the forum :slight_smile:

From what I understand, you’re using an encrypted client certificate that Postman decrypts with that passphrase before use. Unfortunately, this feature is not implemented natively in k6. The built-in k6/crypto module only does hashing, but there might be a way of getting this to work with CryptoJS.

See this comment for an example script. I’m not sure if CryptoJS can be loaded directly from the Node version or if you’ll need to run it through Browserify, but take a look at this template project for an example of doing that.

k6 could and probably should support this natively, and there have been efforts in improving the built-in crypto support, but it’s currently not the highest priority.

Hope this helps,

Ivan

1 Like