Created
August 5, 2025 15:56
-
-
Save observethenoyes/1dbfedbe4f58c44d7cfacaa35da96f38 to your computer and use it in GitHub Desktop.
Using a browser context, loading in base64 credentials for mTLS
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import { expect, test } from '@playwright/test'; | |
| import fs from 'fs'; | |
| test('mTLS authentication test', async ({ browser }) => { | |
| // Load client certificate from environment variable or file | |
| let certBuffer; | |
| if (process.env.CHECKLY_CERTIFICATE) { | |
| certBuffer = Buffer.from(process.env.CHECKLY_CERTIFICATE, "base64"); | |
| } else { | |
| const certPath = 'client.pem'; | |
| if (fs.existsSync(certPath)) { | |
| certBuffer = fs.readFileSync(certPath); | |
| } else { | |
| throw new Error('No certificate found. Set CHECKLY_CERTIFICATE environment variable or provide client.pem file'); | |
| } | |
| } | |
| // Create browser context with client certificate | |
| const context = await browser.newContext({ | |
| userAgent: "CHECKLY TESTING", | |
| clientCertificates: [{ | |
| origin: 'https://certauth.idrix.fr', | |
| cert: certBuffer, | |
| key: certBuffer | |
| }], | |
| ignoreHTTPSErrors: true | |
| }); | |
| const page = await context.newPage(); | |
| await page.goto('https://certauth.idrix.fr/json'); | |
| // Get response and verify mTLS worked | |
| const jsonContent = await page.textContent('body'); | |
| if (!jsonContent) { | |
| throw new Error('No response received'); | |
| } | |
| // Check for authentication failure | |
| if (jsonContent.includes('403') || jsonContent.includes('Forbidden')) { | |
| throw new Error('mTLS authentication failed - certificate not accepted'); | |
| } | |
| const responseData = JSON.parse(jsonContent); | |
| // Verify certificate was presented | |
| expect(responseData).toHaveProperty('SSL_CLIENT_I_DN'); | |
| expect(responseData).toHaveProperty('SSL_CLIENT_S_DN'); | |
| expect(responseData).toHaveProperty('SSL_CLIENT_VERIFY'); | |
| expect(responseData).toHaveProperty('SSL_PROTOCOL'); | |
| expect(responseData).toHaveProperty('HTTPS', 'on'); | |
| console.log('✅ mTLS Authentication successful'); | |
| console.log('Certificate Info:', { | |
| subject: responseData.SSL_CLIENT_S_DN, | |
| issuer: responseData.SSL_CLIENT_I_DN, | |
| protocol: responseData.SSL_PROTOCOL | |
| }); | |
| await page.screenshot({ path: 'mtls-result.png' }); | |
| await context.close(); | |
| }); |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment