hanu
hanu14mo ago

Need help for running a ZAP scan for APIs.

I'm trying to configure the postman with ZAP so I can capture the API request and then scan them, but I'm having an issue configuring. I'm getting the responses fine when the requests are fired in Postman. But when I proxy the postman with ZAP, I'm getting an error saying, SSL Error: self signed certificate in certificate chain. I have no knowledge of how to do this and was only following the steps given by someone who did this before. (P.S: Our client specifically wanted a ZAP scan on this😴). Can someone please explain to me what to look for and how to do it clearly.
1 Reply
DirtyJ
DirtyJ14mo ago
Is the API server using a self signed cert? If so, you can try disabling the use PKI to sign remote host certs option in ZAP > Tools > Options Otherwise, you may need to install whatever cert is missing along the chain
More Posts
Need help enabling user bot commandsHey everyone!, I have created my first discord bot using python and the bot does show it connects iWindows 10 recovery media@everyone srry for ping but may someone help me, I have 3f0 boot error, and I got no other laptops, Problem with multi-handler on Evil-Droidhello, when i launch my listening, my terminal goes black i didn't see what i'm righting or the resuWindows updateIt doesn’t update anything help me please