Support custom CA in HTTP notification

[Neraud]

What would you like to be added?

/kind enhancement

It would be great to be able to provide a custom CA (like curl --cacert) for the HTTP notification.

Why is this needed?

In situations where the target HTTPS service uses a certificate that isn't signed by a known CA, the only workaround is to completly disable TLS verification with skip_tls_verification: true

It's a better practice to allow the user to configure a custom CA and validate the certificate.

[github-actions]

@Neraud: Thanks for opening an issue, it is currently awaiting triage.

In the meantime, you can:

1. Check Crowdsec Documentation to see if your issue can be self resolved.
2. You can also join our Discord.
3. Check Releases to make sure your agent is on the latest version.

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[github-actions]

@Neraud: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.

• /kind feature
• /kind enhancement
• /kind bug
• /kind packaging

Details

I am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository.

[LaurenceJJones]

/kind enhancement
/triage accept

[LaurenceJJones]

Will be included in next release, however, there is a caveat since the plugins run as a low privilege user you must allow readable access to the configured user/group.