Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Configuration option to skip certificate validation for connection to ServiceControl #717

Closed
2 tasks done
HEskandari opened this issue Mar 29, 2017 · 6 comments
Closed
2 tasks done

Configuration option to skip certificate validation for connection to ServiceControl #717

HEskandari opened this issue Mar 29, 2017 · 6 comments
Assignees
@HEskandari
Labels
Feature
Milestone
1.9.0

Comments

@HEskandari
Copy link
Contributor

HEskandari commented Mar 29, 2017
edited
Loading

This is a spin-off of the discussion in #604.

This allows, for example, connections to ServiceControl running with a self-signed certificate.

We will allow this via an app config setting, which address the problem whether ServiceInsight is launched by the user directly, or via ServicePulse.

Plan of attack
@HEskandari
Copy link
Contributor Author

@Particular/servicecontrol-maintainers Had a spike on this, there is a problem with the proposed way of doing it.

The way the by-pass works is that once you set it, it will be there for the session and there's no way to roll it back. Also, the workaround is controlled via a static variable (ServicePointManager.ServerCertificateValidationCallback property) which means it is not per SC instance.

How do you propose we introduce the UI bit for it so that:

  • It clearly communicates that it is for all SC connection, not tied to a particular instance
  • It is per session at least (once the flag is set, you'll need to restart the app to set it back to default behavior)

I propose doing that via an option in the Settings screen.

@mikeminutillo
Copy link
Member

How common is this? Would it be problematic to simply make it an app.config setting with no UI?

@gbiellem
Copy link
Contributor

@mikeminutello i raised the original issue (#604), IMHO its very uncommon, i was not sure if it was worth supporting

@HEskandari
Copy link
Contributor Author

@mikeminutillo App.config could be an option, but we're not storing anything else in there (with the exception of binding redirects).

@adamralph adamralph mentioned this issue Sep 12, 2017
Closed
@HEskandari HEskandari added this to the 1.9.0 milestone Sep 12, 2017
@adamralph
Copy link
Contributor

@Particular/serviceinsight-maintainers discussed this today and we decided to add it as an app config setting (description updated). This is a low cost, low impact way for us to support this use case.

This was referenced Sep 26, 2017
Merged
Merged
@adamralph adamralph changed the title Allowing connection to ServiceControl running with a self-signed certificate Configuration option to skip certificate validation for connection to ServiceControl Oct 4, 2017
@adamralph
Copy link
Contributor

adamralph commented Oct 4, 2017
edited
Loading

FYI I changed the title and description, and unchecked "Make changes" in the POA, since that's only done when #756 is merged.

@WilliamBZA WilliamBZA removed the Focus label Nov 14, 2017
@WilliamBZA WilliamBZA mentioned this issue May 8, 2018
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@HEskandari HEskandari

Labels
Feature
Projects
None yet
Milestone
1.9.0
Development

No branches or pull requests
5 participants
@mikeminutillo @HEskandari @adamralph @WilliamBZA @gbiellem