请求服务器时,系统只会选择与该服务器的证书请求相匹配的证书。
可能会匹配到多个证书的各自颁发机构。
可以设置AutoSelectCertificateForUrls来自动选择哪个证书的颁发机构。
设置方法chrome浏览器地址栏输入chrome://flags/,然后对Enable policy management page为true。
接着地址栏输入chrome://policy-tool/,然后AutoSelectCertificateForUrls设值。
值的格式是
{"pattern":"https://www.example.com","filter":{"ISSUER":{"CN":"certificate issuer name"}}}
certificate issuer name是指证书的颁发机构。
非要指定某个证书,参考以下代码:
'use strict';
const puppeteer = require('puppeteer');
const request = require('request');
const fs = require('fs');
(async () => {
const browser = await puppeteer.launch();
let page = await browser.newPage();
// Enable Request Interception
await page.setRequestInterception(true);
// Client cert files
const cert = fs.readFileSync('/path/to/cert.crt.pem');
const key = fs.readFileSync('/path/to/cert.key.pem');
page.on('request', interceptedRequest => {
// Intercept Request, pull out request options, add in client cert
const options = {
uri: interceptedRequest.url(),
method: interceptedRequest.method(),
headers: interceptedRequest.headers(),
body: interceptedRequest.postData(),
cert: cert,
key: key
};
// Fire off the request manually (example is using using 'request' lib)
request(options, function(err, resp, body) {
// Abort interceptedRequest on error
if (err) {
console.error(`Unable to call ${options.uri}`, err);
return interceptedRequest.abort('connectionrefused');
}
// Return retrieved response to interceptedRequest
interceptedRequest.respond({
status: resp.statusCode,
contentType: resp.headers['content-type'],
headers: resp.headers,
body: body
});
});
});
await page.goto('https://client.badssl.com/');
await browser.close();
})();
但是mac导出证书和key是个大问题啊
