AutoCarlos
AutoCarlos

Reputation: 33

Karate SSL and HashiCorp Vault Secret Engine

Currently, I'm struggling with automation our API over SSL with Karate DSL, and the main problem is that I'm not able to automate this API without keeping that cert.pfx in some directory with below configuration:

// enable X509 certificate authentication with PKCS12 file 'certstore.pfx' and password 'certpassword'

Is there any other approach to load the cert store? instead of using certstore.pfx form local directory/cloud/sftp dir?

I was thinking about creating a KeyStore java object(with chain certs& private key) and pass it to configuration instead of (pfx file) { keyStore: keyStoreObj, keyStorePassword: 'xxx' ..}, or some other memory object, which will provide all needed certs/keys to connect over SSL.

thanks for your advice!

Upvotes: 1

Views: 588

Answers (2)

Peter Thomas
Peter Thomas

Reputation: 58088

Use Java interop: https://github.com/intuit/karate#calling-java

For example: you can implement some custom way to get the cert that you need and save it to /tmp and then use file:/tmp/mycert.pfx to load the cert.

It is up to you to implement in any way that you want.

For more ideas, refer: https://stackoverflow.com/a/78917050/143475

Upvotes: -1

AutoCarlos
AutoCarlos

Reputation: 33

Thank you Peter, so I decided to go to that advanced way, so decide to extend HttpClient, where I override configure(HttpConfig config, ScriptContext context) and decide to pass there KeyStore object, which was constructed before with certificates, which I got from HasiCorp Vault.

Btw Karate DSL is great!

Upvotes: 2

Related Questions