Whistle

English

简体中文

English

简体中文

Appearance

tlsOptions

Configure the security parameters for HTTPS/TLS connections, used to establish encrypted communication channels and server authentication.

Only the latest version of Whistle (≥ v2.9.101) supports this feature.

Rule Syntax

txt
pattern tlsOptions://value [filters...]
ParametersDescriptionDetailed Documentation
patternExpression to match request URLsMatch Pattern Documentation
valueOperation data object or cipher suite name, supported from the following sources:
• Directory/file path
• Remote URL
• Inline/embedded/Values content		Operation Instruction Documentation
filtersOptional filters, supported for matching:
• Request URL/method/header/content
• Response status code/header		Filters Documentation

tlsOptions Operation Object Structure:

  1. Cipher Suite Name
    txt
    ECDHE-ECDSA-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384

    Multiple suites are separated by :

  2. tls.connect(options) Parameters
    js
    {
  ciphers: string
  secureProtocol: string
  maxVersion: string
  minVersion: string
  honorCipherOrder: boolean
  ca: string
  allowPartialTrustChain: string
  sessionIdContext: string
  sigalgs: string
  dhparam: string
  ecdhCurve: string
  secureOptions: number
  sessionTimeout: number
  base: public path of the certificate
  passphrase: key content of a pfx certificate
  pfx: certificate content or local uuid
}

    See: https://nodejs.org/docs/latest/api/tls.html#tlscreatesecurecontextoptions

Custom Cipher Suites

txt
www.example.com/path tlsOptions://ECDHE-ECDSA-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384

General manual configuration, see: https://github.com/avwo/whistle/issues/963

Configuring the Client Certificate

Specify the client certificate for mutual authentication (mTLS) requests.

  1. cert format certificate
    txt
    www.exaple.com/path tlsOptions://key=/User/xxx/test.key&cert=/User/xxx/test.crt
  2. pem format certificate
    txt
    www.exaple.com/path tlsOptions://key=E:\test.pem&cert=E:\test.pem
  3. pfx format certificate
    txt
    www.exaple.com/path tlsOptions://passphrase=123456&pfx=/User/xxx/test.pfx
  4. p12 format certificate
    txt
    www.exaple.com/path tlsOptions://passphrase=123456&pfx=E:/test.p12

    Windows paths can use a mix of / and \

Embedded certificate content

txt
# Same for other certificate formats
``` test.json
{
  key: '----xxx----- ... ----xxx-----',
  cert: '----yyy----- ... ----yyy-----'
}

www.exaple.com/path tlsOptions://{test.json}

Local/remote resource

txt
www.example.com/path1 tlsOptions:///User/xxx/test.json
www.example.com/path2 tlsOptions://https://www.xxx.com/xxx/params.json
# Editing a temporary file
www.example.com/path3 tlsOptions://temp/blank.json