bruno icon indicating copy to clipboard operation
bruno copied to clipboard
verified publisher icon usebruno

Not possible to specify client certificate in BrunoCLI

Open angelaatskandia opened this issue 1 year ago • 2 comments

I have checked the following:

  • [X] I use the newest version of bruno.
  • [X] I've searched existing issues and found nothing related to my issue.

Describe the bug

In the Bruno application it is possible to configure a client certificate by defining paths to cert and key files on collection level. However, this option seems to be missing when running BrunoCLI - one can only configure path to cacert through command line, not paths to client certificates.

This hinders from running Bruno tests in continuous testing / continuous integration environments.

.bru file to reproduce the bug

No response

Screenshots/Live demo link

It is a bit tricky to take a screenshot of something that is missing :-)

angelaatskandia avatar Jul 31 '24 08:07 angelaatskandia

In current implementation, the CA file is an application level setting, so it makes sense to have a cli switch for that. The mTLS certificates however are configured at collection level, so they are read when executing cli already, as any other request configuration. Also, the fields storing paths and passwords support variables already, so the cli invocation can be customized easily.

Would you elaborate how you expect the additional cli switches to work and what --keywords you need?

pietrygamat avatar Jul 31 '24 12:07 pietrygamat

Good to hear that it is easy to customize the cli :-)

One solution would be to read the paths, domain and phrases from the bruno.json when triggering tests from BrunoCLI. However, the drawback would be that the paths to the certificate files might differ between local machines (where tests are developed) and CI-servers. So when the tester commits the collection, the local settings will be the ones used when running the committed tests on the pipeline server.

So a solution where paths, domain and phrases can be injected using arguments/keywords over command line would be preferable from a CI/CT perspective. Regarding the switches, maybe reusing the ones from the application could be suitable? Keywords could then be something like: --domain --clientcertfile --clientcertkey

This would give a command like: bru run --env test --cacert D:/rootcert.cer --domain *.company.org --clientcertfile D:/clientcert.cer --clientcertkey D:/clientcert.pem --output results.xml --format junit

angelaatskandia avatar Jul 31 '24 13:07 angelaatskandia

Apologies for the delay in response. However, we have implemented this, and it is available in the latest version of the Bru CLI. Please refer to the documentation here: https://docs.usebruno.com/bru-cli/proxyConfiguration#using-client-certificates-for-api-requests

Pragadesh44-Bruno avatar Nov 26 '25 04:11 Pragadesh44-Bruno