tlsOptions
Configure the security parameters for HTTPS/TLS connections, used to establish encrypted communication channels and server authentication.
Only the latest version of Whistle (≥ v2.9.101) supports this feature.
Rule Syntax
txt
pattern tlsOptions://value [filters...]
Parameters | Description | Detailed Documentation |
---|---|---|
pattern | Expression to match request URLs | Match Pattern Documentation |
value | Operation data object or cipher suite name, supported from the following sources: • Directory/file path • Remote URL • Inline/embedded/Values content | Operation Instruction Documentation |
filters | Optional filters, supported for matching: • Request URL/method/header/content • Response status code/header | Filters Documentation |
tlsOptions Operation Object Structure:
- Cipher Suite Nametxt
ECDHE-ECDSA-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384
Multiple suites are separated by
:
tls.connect(options)
Parametersjs{ ciphers: string secureProtocol: string maxVersion: string minVersion: string honorCipherOrder: boolean ca: string allowPartialTrustChain: string sessionIdContext: string sigalgs: string dhparam: string ecdhCurve: string secureOptions: number sessionTimeout: number base: public path of the certificate passphrase: key content of a pfx certificate pfx: certificate content or local uuid }
See: https://nodejs.org/docs/latest/api/tls.html#tlscreatesecurecontextoptions
Custom Cipher Suites
txt
www.example.com/path tlsOptions://ECDHE-ECDSA-AES256-GCM-SHA384:DH-RSA-AES256-GCM-SHA384
General manual configuration, see: https://github.com/avwo/whistle/issues/963
Configuring the Client Certificate
Specify the client certificate for mutual authentication (mTLS) requests.
- cert format certificatetxt
www.exaple.com/path tlsOptions://key=/User/xxx/test.key&cert=/User/xxx/test.crt
- pem format certificatetxt
www.exaple.com/path tlsOptions://key=E:\test.pem&cert=E:\test.pem
- pfx format certificatetxt
www.exaple.com/path tlsOptions://passphrase=123456&pfx=/User/xxx/test.pfx
- p12 format certificatetxt
www.exaple.com/path tlsOptions://passphrase=123456&pfx=E:/test.p12
Windows paths can use a mix of
/
and\
Embedded certificate content
txt
# Same for other certificate formats
``` test.json
{
key: '----xxx----- ... ----xxx-----',
cert: '----yyy----- ... ----yyy-----'
}
www.exaple.com/path tlsOptions://{test.json}
Local/remote resource
txt
www.example.com/path1 tlsOptions:///User/xxx/test.json
www.example.com/path2 tlsOptions://https://www.xxx.com/xxx/params.json
# Editing a temporary file
www.example.com/path3 tlsOptions://temp/blank.json