Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Failed to verify certificate #88

Open
Caelebs opened this issue Feb 26, 2024 · 5 comments
Open

Failed to verify certificate #88

Caelebs opened this issue Feb 26, 2024 · 5 comments

Comments

@Caelebs
Copy link

Caelebs commented Feb 26, 2024
edited
Loading

I have an HTTPS service with a certificate issued based on a domain name, but proxyscotch tells me that it cannot validate the certificate when I access it from an IP address in a development environment. Is there any option or configuration to turn off certificate validation? Just like Insomnia, I can uncheck "Validate certificates".

proxyscotch  | 2024/02/26 15:10:51 Failed to write response body: Post "https://10.10.10.109:10010/robot/controlTask": tls: failed to verify certificate: x509: cannot validate certificate for 10.10.10.109 because it doesn't contain any IP SANs

Here's my compose config file

version: '3.8'

services:
  proxyscotch:
    image: hoppscotch/proxyscotch:latest
    container_name: proxyscotch
    hostname: proxyscotch-1
    ports:
      - '9159:9159'
    restart: always
    networks:
      - default
networks:
  default:
    external: true
    name: demo_default
@SamJakob
Copy link
Contributor

Looks like this will require a code tweak to expose this as a config option. I'll look into this.

@r-brown
Copy link

r-brown commented Mar 18, 2024

Got similar error while proxying requests to the https with the self-signed certificate:
Failed to write response body: Post "https://host" tls: failed to verify certificate: x509: certificate signed by unknown authority

@SamJakob any plans to add support for that soon?

@Caelebs
Copy link
Author

Caelebs commented Apr 8, 2024

You can modify line 319 in the libproxy/proxy.go file to be as follows:

var client = &http.Client{  
	Transport: &http.Transport{  
		TLSClientConfig: &tls.Config{  
			InsecureSkipVerify: true,  
		},  
	},  
}

Then repackage the docker image. @r-brown

@XiEdAotonG
Copy link

You can modify line 319 in the libproxy/proxy.go file to be as follows:

var client = &http.Client{  
	Transport: &http.Transport{  
		TLSClientConfig: &tls.Config{  
			InsecureSkipVerify: true,  
		},  
	},  
}

Then repackage the docker image. @r-brown

sorry , I can not find this code in the libproxy/proxy.go

@gtouati
Copy link

gtouati commented Oct 2, 2024

Replace that with the provided snippet from previous answer and don't forget to import "crypto/tls"

proxyscotch/libproxy/proxy.go

Line 316 in cc0c4c7

var client http.Client

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@r-brown @gtouati @Caelebs @SamJakob @XiEdAotonG