Open mattisking opened 3 months ago
Interestingly, the pfx passphrase is being interpolated, which means bru file like this works, assuming the password is stored in environment variable pfx_pass
- which may be marked as a secret.
"clientCertificates": {
"enabled": true,
"certs": [
{
"domain": "*",
"type": "pfx",
"pfxFilePath": "certs/client.example.com.p12",
"passphrase": "{{pfx_pass}}"
}
]
}
Ah great. That’ll work for me. Thanks.
I have checked the following:
Describe the bug
The recent landing of pfx support for certs is great, thanks for that. However, the passPhrase is currently stored in the clear in the collection bru file, meaning it’s also going to go into Git (for most people).
Why not make this use the same secrets logic you have for secret variables.
.bru file to reproduce the bug
Not really necessary. You can see this if you simply add a PFX cert with its passphrase.
Screenshots/Live demo link
Not needed.