Performing Mutual TLS Authentication with Rest Assured

It's possible that you want to perform mutual TLS authentication to further secure your APIs.

If you're writing a Java project, it's possible you're using Rest Assured to interact with your API.

But it's not immediately obvious how we can actually set it up within Rest Assured. Fortunately, if we look at the auth() method, which returns an AuthenticationSpecification, there is a certificate method, which allows us to pass in a pre-created JKS keystore and its password:

String pathToKeystore = "/path/to/keystore.jks";
String keystorePassword = "changeit";

    .certificate(pathToKeystore, keystorePassword)

Rest Assured will then go through the keystore and authenticate with the key it needs.

Note that this was tested with Rest Assured v4.0.0.

Written by Jamie Tanna's profile image Jamie Tanna on , and last updated on .

Content for this article is shared under the terms of the Creative Commons Attribution Non Commercial Share Alike 4.0 International, and code is shared under the Apache License 2.0.


This post was filed under articles.

Related Posts

Other posts you may be interested in:

Interactions with this post

Interactions with this post

Below you can find the interactions that this page has had using WebMention.

Have you written a response to this post? Let me know the URL:

Do you not have a website set up with WebMention capabilities? You can use Comment Parade.