Error in request EPROTO alert number 46

I have an A1 .pfx certificate and I have to make a request via postman using the certificate. I did the following process to extract the keys this way.
open the terminal of your choice, navigate to the directory where the .pfx is located and execute the following command:

openssl pkcs12 -in certificate.pfx -nocerts -out public-crypted.key
After execution, it will ask to enter the .pfx password, for example:

Enter Import Password:<Type .pfx password here>
Enter PEM pass phrase:<Enter .pfx password here>
Verifying - Enter PEM pass phrase:<Enter .pfx password here>
Now run the following command:

openssl pkcs12 -in certificate.pfx -clcerts -nokeys -out certificate.crt
Confirm the Password:

Enter Import Password:<Type .pfx password here>
Then run the:

openssl rsa -in public-crypted.key -out public.key
Confirm the Password:

Enter pass phrase for public-crypted.key:<Enter .pfx password here>
And if the password is correct, it will show the information in the console:

writing RSA key
Afterwards, just check the certificate.crt and public.key files in the directory. You can disregard the public-crypted.key file.

With the generator files I configured it in postman but I get the following error:

Error: write EPROTO 66747912:error:10000416:SSL routines:OPENSSL_internal:SSLV3_ALERT_CERTIFICATE_UNKNOWN:…/…/…/…/src/third_party/boringssl/src/ssl/ alert number 46

Hey @ruan.benite.wdna !

Looks like the error you’re encountering is typically related to the SSL/TLS handshaking process, which establishes a secure connection between the client (Postman in this case) and the server. Some things to help troubleshoot:

  1. Verify the Certificate and Key: Double-check the steps you took to extract the key & cert from your .pfx file. Make sure there were no errors during this process.
  2. Disable SSL Verification: In Postman’s settings, try disabling SSL certificate verification. This is not recommended for production or sensitive environments but can help identify if the issue is due to SSL/TLS.
  3. Server’s Certificate Acceptance Policy: If you have access to the server’s configuration, check if the server is set to accept client certificates.
  4. Try with Another Client: To rule out any Postman-specific issues, you could try using the certificate with another client like Curl or another HTTP client. If the certificate works with another client, there might be an issue with how Postman is configured.
  5. Check the Certificate Chain: The error might be due to an incomplete certificate chain or the server not trusting the Certificate Authority (CA) that signed your certificate. Verify that the certificate chain is complete and trusted by the server.
1 Like