# Add client certificate

This is a pre-built Action located under the **WebService List Element**. The functionality of this action in Avo Assure is to add a valid certificate file from the specified folder to the target Uniform Resource Locator (URL). A client certificate is added before sending an API request mainly for authentication and secure trust establishment.

This action supports the following certificate file types: 

* Java KeyStore (JKS) 
* Privacy Enhanced Mail (PEM)
* Personal Information Exchange (PFX)
* Public Key Cryptography Standards #12 (PKCS12)

## Syntax

**Input Value**: `<ClientPath>;<ClientKey_path>(Optional);<ClientKey_Pwd>[AES Encrypted](Optional);<ServerPath>(Optional)`&#x20;

| Argument                                               | Description                                                                                                    |
| ------------------------------------------------------ | -------------------------------------------------------------------------------------------------------------- |
| <p>\<ClientPath><br>(Required)</p>                     | Provide the path of a client certificate file for authenticating the request.                                  |
| <p>\<ClientKey\_path><br>(Optional)</p>                | Provide the path of the private key file from the local system associated with the client certificate.         |
| <p>\<ClientKey\_Pwd>\[AES Encrypted]<br>(Optional)</p> | Provide the encrypted password associated with the client certificate file.                                    |
| <p>\<ServerPath><br>(Optional)</p>                     | Provide the path of a server certificate or CA certificate for validating the server during the SSL handshake. |

**Output Value**: N/A

| Argument | Description    |
| -------- | -------------- |
| N/A      | Not Applicable |

### Example: Adding a Client Certificate to a Target URL

In this example, we explain how to attach a valid client certificate from the specified folder and enable secure authentication for the target URL.

* **Action**: Add client certificate
* **Input Value**: C:\Certificates\ClientCert.pem;C:\Certificates\PrivateKey.key;LzoRT2Mqd2nVctlrxiZd1A==;C:\Certificates\ServerCert.pem
  * The first argument (**C:\Certificates\ClientCert.pem**) specifies the path of the client certificate file used to authenticate the request.
  * The second argument (**C:\Certificates\PrivateKey.key**) specifies the path of the private key file associated with the client certificate.
  * The third argument (**LzoRT2Mqd2nVctlrxiZd1A==**) specifies the AES-encrypted password for the private key.
  * The fourth argument (**C:\Certificates\ServerCert.pem**) specifies the path of the server certificate file.
* **Logical Explanation**: The **Add client certificate** action fetches the values from the **Input Value** column (**C:\Certificates\ClientCert.pem;C:\Certificates\PrivateKey.key;LzoRT2Mqd2nVctlrxiZd1A==;C:\Certificates\ServerCert.pem**). The action validates the provided certificate paths, encrypted password, and attaches the certificate to the target URL.

<figure><img src="https://2174257472-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2Fk8QZzXZMIJSStKAzDSTu%2Fuploads%2FVZFRxIXR2ayDQl9mjuno%2Fimage.png?alt=media&#x26;token=33915013-d3cf-45e9-8fe3-a4e62ebaad7d" alt=""><figcaption></figcaption></figure>