Open dwiyatci opened 1 week ago
This is strange. Client certificates still work for me on 1.28 and 1.29 (I am on MacOS).
What kind of certificates are you using? What is your bruno.json? Can you include your .bru file?
For me, I am using X509 certificates in the PEM format. This is how I configured them:
The relevant section in my bruno.json
is
"clientCertificates": {
"enabled": true,
"certs": [
{
"domain": "localhost",
"certFilePath": "{{certBasePath}}/.my-awesome-enterprise-service-client.crt",
"keyFilePath": "{{certBasePath}}/.my-awesome-enterprise-service-client.key",
"passphrase": ""
}
]
}
My certs are also in the PEM format and I'm also on macOS. I've checked my bruno.json
- nothing changed there, and I've verified the cert paths are valid - if they weren't, I believe they wouldn't work when I downgraded to v1.27.0 without changing anything 😬
"clientCertificates": {
"enabled": true,
"certs": [
{
"domain": "apiGatewayUrl1.com",
"type": "cert",
"certFilePath": "../../../../../domain1/crt.pem",
"keyFilePath": "../../../../../domain1/key.pem",
"passphrase": ""
},
{
"domain": "apiGatewayUrl2.com",
"type": "cert",
"certFilePath": "../../../../../domain2/crt.pem",
"keyFilePath": "../../../../../domain2/key.pem",
"passphrase": ""
}
]
},
Actually, is there a way to check/inspect whether the client cert is really appended in the request?
Quoting myself above, is there a way to debug it?
Hmm... That looks like it should work. I don't know of a way to check if the certificates were applied. I also checked the "history" tab of the golden edition, but it does not say anything about the certificates.
Hmm ok. Would be nice if it could be inspected (seems to me like Error 401
signifies that the cert is not sent along with the request somehow). Also, not sure if it's got something to do with absolute vs. relative paths reported in https://github.com/usebruno/bruno/issues/3090 because my collection resides in OneDrive folder and the cert resides outside of the folder - but I don't believe so. Or is it symlink-related stuff? Meh. Thing is, it's working in v1.27.0! 😂
In your bruno.json
above, certBasePath
is an envVar, right? And what's the value of it? I mean, is it an absolute or a relative path?
After some digging we found that it was the following issue:
localhost:3128
the-domain.com
the-domain.com
the-domain.com
Removing the proxy configuration allowed the user to continue. However, the fact that the client certificate is not picked up correctly is a bug, in my opinion.
Yep, the proxy bypass works but doesn't seem to send the client cert along. And I can confirm my request works after turning off my global proxy settings in v1.29.0.
I have checked the following:
Describe the bug
When I upgraded to v1.28, I thought it would be fixed in v1.29, but it's still broken somehow. 😞 I downgraded back to v1.27 and it worked there. Note that I didn't change anything except upgrading (and downgrading) Bruno version - so something must have changed between these versions that breaks the behavior. See screenshots for v1.29.0 vs. v1.27.0.
Actually, is there a way to check/inspect whether the client cert is really appended in the request?
.bru file to reproduce the bug
No response
Screenshots/Live demo link
❌ v1.29.0
✅ v1.27.0