Client Certificate not used in POST request

I am using the latest Postman app for Linux.

In the settings, I created a client certificate for a given domain “” by providing a *.p12 file in the PFX file entry and the matching passphrase.

Then, I started a POST request to . This results in an error.

The Postman console reports the problem:
Error: write EPROTO 139625998319616:error:14094410:SSL routines:ssl3_read_bytes:sslv3 alert handshake failure:…/…/vendor/node/deps/openssl/openssl/ssl/record/rec_layer_s3.c:1407:SSL alert number 40

According to the documentation, the client certificate should be used automatically because the domain name matches.

Am I doing something wrong? Why is this not working?

I was able to solve my own issue:

I noticed that the settings contained more configuration options which have definitely not been available directly after updating Postman to the latest version. (I created a screenshot.)

The configuration options now contain a “Working directory” and a setting “Allow reading files outside working directory”.
My certificate file was located outside of the working directory. Enabling the option did not change anything, though. The file was not read. (Access rights are correct.)
Only after copying the p12 file into the working directory of Postman and re-configuring the certificate with the new path, the client certificate was use.

So, my problem is solved. But maybe somebody would like to check:
a) Why wasn’t the setting available immediately?
b) Why is the setting “Allow reading files outside of the working directory” not working as expected?

1 Like

Thank you so much, after hours of research !!!