SSL with passphrase

I have the following curl which I would like to do the same with K6.
curl --request POST --url $url
–header “Authorization: Bearer $token”
–header “Content-Type: application/json”
–header “SEB-IDEMPOTENCY-KEY: some-uuid”
–cert-type p12
–cert /path/dev.p12:password
–data ‘{
“instructedAmount”: {
“value”: 232.43,
“currency”: “SEK”
},
“accountId”: “b64bfa09-1e6c-49d5-91a7-060e2f4b5327”,
“swishNumber”: “46726548987”,
“endUserIp”: “131.121.39.111”
}’

I wrote the following k6 code but I am getting an error saying passphrase

json: unknown field "passphrase"

K6 code,

import { check } from 'k6';
import http from "k6/http";

const sslOptions = {
  domains: ['api.dev.xxx.com'],
  cert: open('../resources/labradoodle-dev.p12'),
  passphrase: 'xxx'
};

// Options object to pass to the http.request function
export const options = {
  iterations: 10,
  tlsAuth: [sslOptions]
};

export default function () {

  const payload = JSON.stringify({
    instructedAmount: {
      currency: 'SEK',
      value: 99.01
    },
    accountId: 'b64bfa09-1e6c-49d5-91a7-060e2f4b5327',
    message: 'Swish payout !',
    swishNumber: '46702000000',
    endUserIp: '128.2.19.2'
  });

  const response = http.post('https://xxxcom/payments/v1/swish/payout', payload, {
    headers: {
      'Content-Type': 'application/json',
      'Authorization': 'Bearer token',
      'SEB-IDEMPOTENCY-KEY': '8f6a362a-c400-4d9d-9812-a6bd810aa505'
    }
  });

  console.log(response);
  check(response, {
    'is status 201': (r) => r.status === 200,
    'got more than 5 crocs': (r) => r.json().length > 5,
  });
  // Log the response body
  console.log('Response body:', response.body);
}


Hi @lahiruginnaliya

Apologies for the delay in getting back to you.

I’m by no mean a specialist of TLS or cryptography, but my understanding is that .p12 files are in the PKCS12 format which is not supported neither by JS standards such as the WebCrypto, nor k6.

Thus, there is currently no way to use that key directly and provide the passphrase for it in k6.

However, I did some digging around, and it looks like a working way forward for you could be to use OpenSSL to convert those files to the PEM key format, which k6 would accept.

Let me know if that helps unblocking you :bowing_man: