New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
[BROOKLYN-280] add --skipSslChecks flag to work with self-signed certs #21
Conversation
- defaults to false, ie existing behaviour - setting to true disables certificate chain and hostname verificiation (see `InsecureSkipVerify` in https://golang.org/pkg/crypto/tls/) - persisted to ~/.brooklyn_cli ``` bash-4.3$ br login https://10.10.10.100:8443/ admin password Get https://10.10.10.100:8443/v1/server/version: x509: certificate signed by unknown authority bash-4.3$ br app Get https://10.10.10.100:8443/v1/applications: x509: certificate signed by unknown authority bash-4.3$ br --skipSslChecks login https://10.10.10.100:8443/ admin password Connected to Brooklyn version 0.10.0-20160513.2042 at https://10.10.10.100:8443 bash-4.3$ br app Id Name Status Location ```
@@ -39,7 +39,7 @@ var appConfig = configDefaults{ | |||
Name: os.Args[0], | |||
HelpName: os.Args[0], | |||
Usage: "A Brooklyn command line client application", | |||
Version: "0.9.0", | |||
Version: "0.10.0-SNAPSHOT", |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Add an inline comment BROOKLYN_VERSION
, or a comment on the line above BROOKLYN_VERSION_BELOW
to have this changed automatically.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
thanks @neykov forgot about that
I'm tempted to change the flag to match
wdyt? |
+1 to matching curl |
👍 LGTM, I have pulled and tested this and it works well. Think this is a valuable addition to the tool. |
I don't think this necessarily needs to change to match the "-k / --insecure" of curl, the current flag has a nicely meaningful name. |
Thanks @geomacy should be good to merge now |
[BROOKLYN-280] add --skipSslChecks flag to work with self-signed certs - defaults to `false`, ie existing behaviour - setting the flag `--skipSslChecks` disables certificate chain and hostname verification (see `InsecureSkipVerify` in https://golang.org/pkg/crypto/tls/) - persisted to `~/.brooklyn_cli` - also bumped version to `0.10.0-SNAPSHOT` ``` bash-4.3$ br login https://10.10.10.100:8443/ admin password Get https://10.10.10.100:8443/v1/server/version: x509: certificate signed by unknown authority bash-4.3$ br app Get https://10.10.10.100:8443/v1/applications: x509: certificate signed by unknown authority bash-4.3$ br --skipSslChecks login https://10.10.10.100:8443/ admin password Connected to Brooklyn version 0.10.0-20160513.2042 at https://10.10.10.100:8443 bash-4.3$ br app Id Name Status Location ``` *Note*: I'd no apps running on this system so the empty table is ok, catalog returns as expected. ```json { "auth": { "https://10.10.10.100:8443": { "password": "password", "username": "admin" } }, "skipSslChecks": true, "target": "https://10.10.10.100:8443" } ```
Add stop, start and restart commands.
false
, ie existing behaviour--skipSslChecks
disables certificate chain and hostname verification (seeInsecureSkipVerify
in https://golang.org/pkg/crypto/tls/)~/.brooklyn_cli
0.10.0-SNAPSHOT
Note: I'd no apps running on this system so the empty table is ok, catalog returns as expected.