使用证书测试 API [英] Testing API's with certificates
问题描述
我对 API 有点缺乏经验.我一直在搞砸,并设法让他们工作.
I'm somewhat inexperienced with API's. I've been screwing around and somehow managed to get them working.
我的问题与以前工作的 API 有关.它是一个 POST,具有非可变 URL(即 not https://url/call?id={id})和 JSON 正文请求.
My question is relating to an API that was working before. It is a POST, with a non-variable URL (i.e. not https://url/call?id={id}), and with a JSON body request.
使用 openssl 生成的证书保护调用.该证书已经过期,并且完全按照 API 文档中详细说明的步骤进行操作.我已经在屏幕共享上与 API 的开发人员一起使用 Postman 指定的 pem、key 和 pfx 文件在 Postman 上测试了这些文件.
The call is secured with a certificate that was generated using openssl. The certificate has since expired, and following the steps exactly as detailed in the API documentation. I have tested the files, with the developers of the API on a screen share, on Postman using the pem, key and pfx files as Postman specifies.
但我们的系统需要一个 CER 文件,该文件由我们平台的专家从 pfx 文件生成 - 这是我与任何文件都没有交互的唯一部分.
But our system needs a CER file, that is generated from the pfx file by our Platform's specialists - and that is the only part where I have no interaction with any of the files.
在 Postman 上调用成功,但是当生成并安装 CER 文件时,它不起作用.
On Postman the call is successful, but when the CER file is generated and installed, it doesn't work.
是否还有其他类似于 Postman 的应用程序,但我可以在其中使用我们平台生成的 CER 文件,或者生成我自己的 CER 文件,对其进行测试并安装然后使用.
Is there another app similar to Postman, but where I can use the CER file as generated by our Platform, or perhaps generate my own CER file, test it and install and then use.
谢谢
推荐答案
Pfx 或 Key 文件包含签名 API 请求所需的私钥,但 CER 文件不包含私钥.
Pfx or Key files contains private key that is required to sign API request but CER file does not contain private key.
如需更多详细信息,请分享 API 规范,以便设计实现需求的机制.
For any more details, please share the API specifications so the mechanism to achieve requirement can be devised.
这篇关于使用证书测试 API的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
