Secure Sockets Layer (SSL) certificates are a way of authentication for some servers using the SSL encryption protocol. These certificates provide secure, encrypted communications between a client and a server. If you’re submitting sensitive data such as passwords or payment information, these certificates are often used in testing and development environments to provide a layer of security for an API.
If a server requires this type of client authentication, the client is required to send the associated SSL certificate along with any requests. Using the Postman native apps, you can view and set SSL certificates on a per domain basis. If you’re using HTTPS in production, this allows your testing and development environments to mirror your production environment as closely as possible.
When you add a client certificate to the Postman app, you associate a domain with the certificate. This means that for all HTTPS requests sent to this configured domain, the certificate will be sent along with the request.
Once you add a new client certificate, open up the Postman console and send a request to the configured domain. Make sure you’re using
https so the client certificate is sent along with the request. In the console, inspect the certificate that was sent along with the request.
Read more about managing SSL certificates in the native apps, or using self-signed SSL certificates in the Postman Chrome app (which is being deprecated).