135

Please read this carefully. Please do not send me a link on how to import a certificate.

I am using Postman for QA and testing work. I have a test system I frequently rebuild myself and so it is completely trusted. It has a custom self-signed certificates and I import them as detailed here: http://blog.getpostman.com/2014/01/28/using-self-signed-certificates-with-postman/

However, when I access the site, https://mysite.mycompany.com, I get a message "NET::ERR_CERT_REVOKED". Since it is revoked, importing the certificate does not help at all.

So, is there a way to get Postman to simply ignore certificates for testing purposes? I am not testing certificates but other functionality at this point in time. I do not care about security in this case at all as I have complete control of the system, I am behind a firewall, and I frequently rebuild the system.

Gino Mempin
  • 25,369
  • 29
  • 96
  • 135
PJLopez
  • 1,459
  • 2
  • 9
  • 4

4 Answers4

199

There is an option in Postman if you download it from https://www.getpostman.com instead of the chrome store (most probably it has been introduced in the new versions and the chrome one will be updated later) not sure about the old ones.

In the settings, turn off the SSL certificate verification option enter image description here

Be sure to remember to reactivate it afterwards, this is a security feature.

If you really want to use the chrome app, you could always add an exception to chrome for the url: Enter the url you would like to open in the chrome browser, you'll get a warning with a link at the bottom of the page to add an exception, which if you do, it will also allow postman to access your url. But the first option of using the postman stand-alone app is much better.

I hope this can help.

Al-Maamari Tareq
  • 2,172
  • 2
  • 12
  • 18
22

enter image description here

click here in settings, one pop up window will get open. There we have switcher to make SSL verification certificate (Off)

Anurag_BEHS
  • 1,390
  • 2
  • 22
  • 36
5

This is not the exact answer to this question, but those who are not able to find setting popup. Their is two ways to open setting pop up.

  1. Way 1

  2. Way 2

Himanshu Shekhar
  • 1,196
  • 1
  • 16
  • 35
3

enter image description here

This steps are used in spring boot with self signed ssl certificate implementation

if SSL turns off then HTTPS call will be worked as expected.

https://localhost:8443/test/hello

These are the steps we have to follow,

  1. Generate self signed ssl certificate
keytool -genkeypair -alias tomcat -keyalg RSA -keysize 2048 -storetype PKCS12 -keystore keystore.p12 -validity 3650

after key generation has done then copy that file in to the resource foder in your project

  1. add key store properties in applicaiton.properties 
server.port: 8443
server.ssl.key-store:classpath:keystore.p12
server.ssl.key-store-password: test123
server.ssl.keyStoreType: PKCS12
server.ssl.keyAlias: tomcat
  1. change your postman ssl verification settings to turn OFF

now verify the url: https://localhost:8443/test/hello

Lokesh Babu
  • 31
  • 3