-
Notifications
You must be signed in to change notification settings - Fork 415
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support custom CA in HTTP notification #2142
Comments
@Neraud: Thanks for opening an issue, it is currently awaiting triage. In the meantime, you can:
DetailsI am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository. |
@Neraud: There are no 'kind' label on this issue. You need a 'kind' label to start the triage process.
DetailsI am a bot created to help the crowdsecurity developers manage community feedback and contributions. You can check out my manifest file to understand my behavior and what I can do. If you want to use this for your project, you can check out the BirthdayResearch/oss-governance-bot repository. |
/kind enhancement |
Will be included in next release, however, there is a caveat since the plugins run as a low privilege user you must allow readable access to the configured user/group. |
What would you like to be added?
/kind enhancement
It would be great to be able to provide a custom CA (like
curl --cacert
) for the HTTP notification.Why is this needed?
In situations where the target HTTPS service uses a certificate that isn't signed by a known CA, the only workaround is to completly disable TLS verification with
skip_tls_verification: true
It's a better practice to allow the user to configure a custom CA and validate the certificate.
The text was updated successfully, but these errors were encountered: