-
Notifications
You must be signed in to change notification settings - Fork 282
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Allow to disable SSL certificate validation #92
Comments
Hi Maik, I believe the command-line option you're looking for is --no_ssl |
Doesn't sound like it to be honest. Are you sure? |
I'm sorry, I believe you're correct - I answered too quickly. At the moment RESTler doesn't have an option to disable Python's default certificate validation. The entirety of the SSL code in RESTler can be found in messaging.py and the HttpSock constructor:
The ssl.create_default_context call performs the certificate checks by default. I think it should be possible to use ssl._create_unverified_context() or ssl._create_unverified_https_context() here, which hopefully could resolve your issue? |
Hi Maik, I made a quick update on branch rifiles/92. Would you mind giving it a try on your API when you get a chance? To disable you'll just need to add Thanks a lot |
@letmaik - Are you running on Linux or Windows ? We are using RESTler on Linux container and using these instructions to add certificates to Linux store worked for us. https://askubuntu.com/questions/645818/how-to-install-certificates-for-command-line |
The certs are temporary and I'd like to avoid adding them system-wide. A CLI flag to define the cert to use or alternatively an option to disable cert validation sounds more attractive to me. |
Since the flag to disable cert validation has been added, closing this issue. |
I'm trying to test an SSL-only API locally where the certificate is self-signed. I couldn't find an option to disable certificate validation.
The text was updated successfully, but these errors were encountered: