Postman Cli returns "Error: self signed certificate in certificate chain"

Short version:
API key is valid, Postman recognizes and uses PEM certificate, so why do I get a certificate error when trying to postman login --with-api-key?

Long version:
With the new limits on collection runs, I’ve been tasked with figuring out if Postman should remain our paid API tool.

I’ve installed Postman Cli, created an API key in https://domain-web.postman.co/settings/me/account and verified that said API key works.

From my workplace whenever I try to try to login using: postman login --with-api-key I get the error: “Error: self signed certificate in certificate chain”

This is expected as we have our own certificate decrypting all SSL traffic.

Therefor I exported both our own CA root certificate as well as the intermediate certificate ssldecrypt..local and converted both to a PEM certificate using certutil.exe -encode <ssldecrypt.cer> mycert.pem

I have added the PEM certificate to Postman from Settings > Certificate and tested it against https://postman-echo.com/get

With my PEM certificate removed I get a “Warning: self signed certificate in certificate chain” in the PM console.

With my PEM certificate uploaded and enabled I have no issues reaching https://postman-echo.com/get

So what am I missing here?

_
Edit:
I also tried --ssl-client-key and --ssl-client-cert (from Newman) but as expected neither flag is supported by Postman Cli

Snatched the certificate from postman.com (redirected from postman-echo.com), saved is as -pem and added it to my certificate root store

certutil -addstore -f "Root" postman.pem

Same error.

For anyone testing the above, you can remove the certificate using the thumbprint and:

certutil -delstore "Root" <thumbprint>

1 Like

Bumping as this is still an issue.

My PEM certificate works fine in the Postman client, but there’s no way to add it for login via Postman Cli.

Someone else must have had this issue with Postman Cli, so please help if you have a solution

postman login -h returns

Usage: postman login [options]

Store a Postman API Key to access your Postman resources

Options:
  --alias <alias>          Specify the alias of the API key to fetch your resources using it.
  --with-api-key <apikey>  Specify the API key directly.
  -h, --help               display help for command

So apparently no option to define certificate supported on login.
Could someone from the Postman team kindly tell me how to log in using a self-signed certificate

I guess not :slightly_frowning_face:

Well, the collection run limit is now imposed (even on my paid plan), but I still can’t login and my requests for help are ignored by the Postman staff.

Two thumbs down.

Hi, have you figured this out? I am having the same issue with Postman cli

1 Like

Nope, no luck yet, and not a peep from anyone at Postman

Bump - I am also experiencing the same issue.

This may be unrelated but I saw this thread and just wanted to pass along just in case it helps at all. I was just starting to experiment with CLI and was getting errors about unsigned certificate in the request (not the certificate chain as indicated above)-- the login seemed to work ok but the error appeared to be specific to the request. To be clear I’m not attempting to use a certificate so this may be the opposite of what you are attempting but on the off chance this helps wanted to pass along any potential info. In my testing I found I needed to disable the SSL certificate verification toggle in the settings on my account (I think this was already off by default so maybe toggle on and back off and be sure to save). I think also had to visit each request within the collection I was attempting to run and adjust the settings on each individual request and toggle on/off the Enable SSL certificate verification setting and resave each request(again this appeared to be disabled by default but for some reason this step seemed to resolve my particular issue. Hopefully that helps but I’m still brand new to postman and api in general.

Appreciate the suggestion, unfortunately that didn’t solve my issue either.

Same for me . I am also getting same error , very frustrating

Error remains in v1.1.2

3 months in and not even a peep from the Postman team, despite being a paying customer

1 Like

???

thisistwentychars

Bumping up as I’m getting this issue as well.

1 Like

New computer
New certificate package (verified working in Postman app)
New version of postman-cli

Same error as in the last 4½ months
Same silent treatment from Postman team

Also, how soon is ‘coming soon’ for the Postmancli release notes?

I have the same issue with certs and can’t solve it

I think, I found the reason of this issue! I tried to make login via postman-cli on several configurations (windows+powershell, ubuntu 18.04, windows+wsl) and I get the error only on my company laptop (windows+wsl) with installed Kaspersky antivirus.

After several hours of searching in google, debugging postman-cli application via gdb and other torments I found this issue on WSL github - Cannot connect to HTTPS · Issue #3761 · microsoft/WSL · GitHub

Try to uninstall the Kaspersky Antivirus! Unfortunately, I don’t have admin rights on my working laptop to test this solution, but all my configurations without Kaspersky work fine.

I appreciate the extra info, unfortunately we’re not using kaspersky in my organization.

The error remains, but only in postman-cli as the Postman app accepts and uses the certificates I provide, including my organization’s own CA certificate.

What baffles me the most, is that the Postman team has completely ignored this issue for months. Even if this is working as designed (to push people into higher paying plans), the least they could do is tell us as much.

As a tester I’m stuck with Postman for now, but I’m glad to see my oprganization slowly migrating over to Bruno API

I don’t want to excuse the postman team, but most likely you and I have a problem with a self-signed certificate.
Try to run this command, written on this link https://support.postman.com/hc/en-us/articles/4416016147991-I-am-having-trouble-adding-client-certificates

openssl s_client -state -connect postman-echo.com:443 | openssl x509 -text

In my case, i don’t have any problems with login in systems where this command works, and have problems, were it does not work.