請求服務(wù)器時川尖,系統(tǒng)只會選擇與該服務(wù)器的證書請求相匹配的證書。
可能會匹配到多個證書的各自頒發(fā)機構(gòu)茫孔。
可以設(shè)置AutoSelectCertificateForUrls來自動選擇哪個證書的頒發(fā)機構(gòu)叮喳。
設(shè)置方法chrome瀏覽器地址欄輸入chrome://flags/,然后對Enable policy management page為true缰贝。
接著地址欄輸入chrome://policy-tool/馍悟,然后AutoSelectCertificateForUrls設(shè)值。
值的格式是
{"pattern":"https://www.example.com","filter":{"ISSUER":{"CN":"certificate issuer name"}}}
certificate issuer name是指證書的頒發(fā)機構(gòu)剩晴。
非要指定某個證書锣咒,參考以下代碼:
'use strict';
const puppeteer = require('puppeteer');
const request = require('request');
const fs = require('fs');
(async () => {
const browser = await puppeteer.launch();
let page = await browser.newPage();
// Enable Request Interception
await page.setRequestInterception(true);
// Client cert files
const cert = fs.readFileSync('/path/to/cert.crt.pem');
const key = fs.readFileSync('/path/to/cert.key.pem');
page.on('request', interceptedRequest => {
// Intercept Request, pull out request options, add in client cert
const options = {
uri: interceptedRequest.url(),
method: interceptedRequest.method(),
headers: interceptedRequest.headers(),
body: interceptedRequest.postData(),
cert: cert,
key: key
};
// Fire off the request manually (example is using using 'request' lib)
request(options, function(err, resp, body) {
// Abort interceptedRequest on error
if (err) {
console.error(`Unable to call ${options.uri}`, err);
return interceptedRequest.abort('connectionrefused');
}
// Return retrieved response to interceptedRequest
interceptedRequest.respond({
status: resp.statusCode,
contentType: resp.headers['content-type'],
headers: resp.headers,
body: body
});
});
});
await page.goto('https://client.badssl.com/');
await browser.close();
})();
但是mac導(dǎo)出證書和key是個大問題啊
