-
Add-ons
- Access Control Testing
-
Active Scan Rules
-
Active Scan Rules - Alpha
-
Active Scan Rules - Beta
-
Advanced SQLInjection Scanner
- AJAX Spider
- Alert Filters
- All In One Notes
-
AMF Support
-
Authentication Statistics
-
Bean Shell Console
-
BIRT Reports
-
Browser View
-
Bug Tracker
-
Call Graph
-
Code Dx
-
Common Library
-
Community Scripts
-
Custom Payloads
-
Custom Report
-
Diff
-
Directory List v1.0
-
Directory List v2.3
-
Directory List v2.3 LC
- DOM XSS Active Scan Rule
- Encode / Decode / Hash dialog
-
Export Report
- Forced Browse
-
Form Handler
-
FuzzDB Files
-
FuzzDB Offensive
-
FuzzDB Web Backdoors
- Fuzzing
-
Getting Started Guide
-
GraalVM JavaScript
- GraphQL Support
- Groovy Support
-
Highlighter
-
HTTPS Info
- The HUD
-
Import URLs
- Invoke Applications
-
JSON View
-
Kotlin Support
-
Linux WebDrivers
-
Log File Importer
-
MacOS WebDrivers
-
Neonmarker
-
Online Menu
-
OpenAPI Support
-
Passive Scan Rules
-
Passive Scan Rules - Alpha
-
Passive Scan Rules - Beta
- Plug-n-Hack
- Port Scan
- Python Scripting
- Quick Start
-
Regular Expression Tester
-
Replacer
-
Report Alert Generator
-
Requester
-
Retire.js
-
Reveal
-
Revisit
-
Ruby Scripting
-
SAML Support
-
Save Raw Message
-
Save XML Message
- Script Console
- Selenium
-
Sequence Scanner
- Server-Sent Events
-
SOAP Support
-
SVN Digger Files
-
Technology Detection
-
Tips and Tricks
-
TLS Debug
- Token Generation and Analysis
-
TreeTools
-
ViewState
- WebSockets
-
Windows WebDrivers
-
Zest
-
Releases
- Release 1.0.0
- Release 1.1.0
- Release 1.2.0
- Release 1.3.0
- Release 1.3.1
- Release 1.3.2
- Release 1.3.3
- Release 1.3.4
- Release 1.4.0
- Release 1.4.1
- Release 2.0.0
- Release 2.1.0
- Release 2.10.0
- Release 2.2.0
- Release 2.2.1
- Release 2.2.2
- Release 2.3.0
- Release 2.3.1
- Release 2.4.0
- Release 2.4.1
- Release 2.4.2
- Release 2.4.3
- Release 2.5.0
- Release 2.6.0
- Release 2.7.0
- Release 2.8.0
- Release 2.9.0
-
Getting Started
- Scanner Rules
-
Features
- Add-ons
- Alerts
- Anti CSRF Handling
- API
- Active Scan
- Authentication
- Authentication Methods
- Authentication Verification Strategies
- Breakpoints
- Callbacks
- Contexts
- Custom Page
- Data Driven Content
- Globally Excluded URLs
- HTTP Sessions
- Manipulator-in-the-middle Proxy
- Marketplace
- Modes
- Notes
- Passive Scan
- Scan Policy
- Scope
- Scripts
- Session Management
- Sites Tree
- Spider
- Statistics
- Structural Modifiers
- Structural Parameters
- Tags
- Users
- A basic penetration test
- Configuring Proxies
-
Desktop UI Overview
-
Dialogs
- Add Alert dialog
- Add/Edit Breakpoint dialog
- Add Note dialog
- Active Scan dialog
- Encode / Decode / Hash dialog
- Find dialog
- History Filter dialog
- Manual Request Editor dialog
- Manage Add-ons
- Manage Tags dialog
-
Options dialog
- Options Alerts screen
- Options Anti CRSF screen
- Options API screen
- Options Active Scan screen
- Options Active Scan Input Vectors screen
- Options Breakpoints screen
- Options Callback Address screen
- Options Client Certificate screen
- Options Check for Updates screen
- Options Connection screen
- Options Database screen
- Dynamic SSL Certificates
- Options Extensions screen
- Options Global Exclude URL screen
- Options HTTP Sessions screen
- Options JVM screen
- Options Keyboard screen
- Options language screen
- Options Local Proxies screen
- Options Passive Scan Tags screen
- Options Passive Scanner Screen
- Options Passive Scan Rules Screen
- Options Rule Configuration screen
- Options Scripts screen
- Options Search screen
- Options Spider screen
- Options Statistics screen
- Options Display screen
- Persist Session dialog
- Scan Policy Dialog
- Scan Policy Manager dialog
- Scan Progress Dialog
- Session Properties dialog
- Spider dialog
- Footer
- The Tabs
- Top Level Menu
- Top Level Toolbar
- Views
-
Dialogs
- Documentation
- The OWASP ZAP Desktop User Guide
- Desktop UI Overview
- Dialogs
- Options dialog
- Options Client Certificate screen
Options Client Certificate screen
The Client Certificate screen allows you to add a client certificate for ZAP to use when testing applications protected using mutual SSL. It is also possible to set the Client Certificate from the command line with the following switches:
-config certificate.use=true
-config certificate.pkcs12.path=/path/to/file.p12
-config certificate.pkcs12.password=WhateverThePasswordIs
-config certificate.pkcs12.index=1
-config certificate.persist=true
-config certificate.pkcs12.index is only necessary if the file contains multiple certificates
and you wish to use one other than the first. Index values start at zero (0) which is the first certificate
in the file.
-config certificate.persist=true is only necessary if you would like the settings persisted in ZAP's regular
configuration file (so that they apply for subsequent ZAP use).
See also
| UI Overview | for an overview of the user interface | |
| Options dialogs | for details of the other Options dialog screens | |
| Command Line | for details of the Command Line |