Implement support for private key passphrases

2025-08-10 22:42:05 +02:00 · 2022-03-01 17:16:37 +03:00
parent 98688b2f2d
commit 15013fd609
10 changed files with 223 additions and 13 deletions
--- a/httpie/client.py
+++ b/httpie/client.py
@@ -19,7 +19,7 @@ from .encoding import UTF8
 from .models import RequestsMessage
 from .plugins.registry import plugin_manager
 from .sessions import get_httpie_session
-from .ssl_ import AVAILABLE_SSL_VERSION_ARG_MAPPING, HTTPieHTTPSAdapter
+from .ssl_ import AVAILABLE_SSL_VERSION_ARG_MAPPING, HTTPieCertificate, HTTPieHTTPSAdapter
 from .uploads import (
    compress_request, prepare_request_body,
    get_multipart_data_and_content_type,
@@ -262,7 +262,14 @@ def make_send_kwargs_mergeable_from_env(args: argparse.Namespace) -> dict:
    if args.cert:
        cert = args.cert
        if args.cert_key:
-            cert = cert, args.cert_key
+            # Having a client certificate key passphrase is not supported
+            # by requests. So we are using our own transportation structure
+            # which is compatible with their format (a tuple of minimum two
+            # items).
+            #
+            # See: https://github.com/psf/requests/issues/2519
+            cert = HTTPieCertificate(cert, args.cert_key, args.cert_key_pass.value)
+
    return {
        'proxies': {p.key: p.value for p in args.proxy},
        'stream': True,