Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

TLS Trust settings not applying to proxied connections #3747

Open
2 tasks done
byjrack opened this issue Jan 7, 2025 · 2 comments
Open
2 tasks done

TLS Trust settings not applying to proxied connections #3747

byjrack opened this issue Jan 7, 2025 · 2 comments
Assignees
Labels
bug Something isn't working

Comments

@byjrack
Copy link

byjrack commented Jan 7, 2025

I have checked the following:

  • I use the newest version of bruno.
  • I've searched existing issues and found nothing related to my issue.

Describe the bug

macOS 15.2 / Bruno 1.37.0

Error invoking remote method 'send-http-request': Error: self signed certificate in certificate chain

I have tried both disabling completely and using the Custom CA file (with and without keep default) all with the same results.

Proxy is set to System (no envs in play) and is PAC based.

Developer Tools showing the issues with loading the results, but not the cause of the issue. Couldn't track down any logic logging.

I did spot #725 which seemed to reflect this specific issue, but I don't see any code not using the Patched function. Going to try and debug to see if I can figure out why CA prefs are being dropped for a proxied connection.

.bru file to reproduce the bug

Any GET to a resource where you have a proxy overriding TLS in the connection.

Screenshots/Live demo link

image

@byjrack byjrack added the bug Something isn't working label Jan 7, 2025
@byjrack
Copy link
Author

byjrack commented Jan 7, 2025

So I am wondering if that setting in General only applies when an explicit proxy is in play and in my case we have an implicit proxy solution? Looking at the stacktrace running debug I can't find any indication that rejectUnauthorized is being added to the request itself via options.

The TLS/CA prefs are in General so I expected they would just be on all Agent declarations, but maybe a bad assumption. Likely can workaround w NODE_EXTRA_CA_CERTS in an rc file, but prefer to figure out why the prefs are not working as expected.

@byjrack
Copy link
Author

byjrack commented Jan 8, 2025

I did test and if I have NODE_EXTRA_CA_CERTS in scope the same call works fine. Something just doesn't seem to be wired correctly with the global prefs for enable/disable CA and specifying a file.

@ganesh-bruno ganesh-bruno self-assigned this Jan 10, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
bug Something isn't working
Projects
None yet
Development

No branches or pull requests

2 participants