Monitor one URL passing cert/key and password

Hi guys,

We are trying to monitor one URL passing, crt/key and password but no success.

  1. This config we receive 400 error, it’s correct, because we didn’t pass cert/key/pass.

$http.get({
url: ‘https://example.com’,
agentOptions: {
cert: ‘’,
key: ‘’,
pass: ‘password’
}
}, function(err, resp, body){
console.log(err, resp, body);
});

Response:
400 No required SSL certificate was sent
400 Bad Request
No required SSL certificate was sent

  1. In this config, passing cert/key and password we receive this error:

$http.get({
url: ‘https://example.com’,
agentOptions: {
cert: ‘-----BEGIN CERTIFICATE-----\n…\n-----END CERTIFICATE-----\n’,
key: ‘-----BEGIN RSA PRIVATE KEY-----\nProc-Type: 4,ENCRYPTED\nDEK-Info: DES-EDE3-CBC,89CFB246D97370F9\n…\n-----END RSA PRIVATE KEY-----\n’,
pass: ‘password’
}
}, function(err, resp, body){
console.log(err, resp, body);
});

Response: { Error: error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long
at Object.createSecureContext (_tls_common.js:134:17)
at Object.connect (_tls_wrap.js:1121:48)
at Agent.createConnection (https.js:120:22)
at Agent.createSocket (_http_agent.js:227:26)
at Agent.addRequest (_http_agent.js:185:10)
at new ClientRequest (_http_client.js:249:16)
at Object.request (https.js:281:10)
at Object. (/opt/runtimes/4.0.0/node_modules/global-proxy-agents/node_modules/agent-base/patch-core.js:52:20)
at Object.patchedRequestMethod (/opt/runtimes/4.0.0/node_modules/global-proxy-agents/index.js:298:32)
at Request.start (/opt/runtimes/4.0.0/node_modules/request/request.js:751:32)
opensslErrorStack:
[ ‘error:0907B00D:PEM routines:PEM_read_bio_PrivateKey:ASN1 lib’,
‘error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error’,
‘error:0D068066:asn1 encoding routines:asn1_check_tlen:bad object header’,
‘error:0D07207B:asn1 encoding routines:ASN1_get_object:header too long’,
‘error:04093004:rsa routines:old_rsa_priv_decode:RSA lib’,
‘error:0D07803A:asn1 encoding routines:asn1_item_embed_d2i:nested asn1 error’,
‘error:0D068066:asn1 encoding routines:asn1_check_tlen:bad object header’ ] } undefined undefined

crt/key files and password are corrects, when we pass this command, works well:
curl --location --key /bruno/user-qa.key --cert /bruno/user-qa.crt --pass password --request GET ‘https://example.com/actuator/health
Response: {“status”:“UP”}

Any idea?

Best
Bruno

Hi @brmartins, I just caught this post and found out we already worked on this issue with you via internal ticketing. As mentioned there, it seems cert and key aren’t technically supported functions. Still, they may work.
One suggestion would be to potentially consider trying to use this with a Containerized Private Minion. Otherwise, it seems that the header being passed in is too long per the error output that I’m getting. You might consider seeing if you could shorten this in order to skirt around any character limits that might be in place.

Have you had the chance to review this post that deals with a similar case and explores how to pass cert and key values into your request? Client certificate for Synthetics authentication