Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot use CLI against server with self signed SSL certificate #1185

Closed
holgerstolzenberg opened this issue Sep 3, 2020 · 4 comments · Fixed by #1270
Closed

Cannot use CLI against server with self signed SSL certificate #1185

holgerstolzenberg opened this issue Sep 3, 2020 · 4 comments · Fixed by #1270
Assignees
@vadeg
Labels
area: cli Issue with a Command Line Tool type: enhancement

Comments

@holgerstolzenberg
Copy link

We are running a Zally server instance proxied by an Nginx VHost that also does the SSL offloading.
From our CI we try to run a Zally validation against this server using the CLI:

zally -l https://zally.theserver.org lint ./build/openapi.json

Causing this error:

Post "https://zally.theserver.org/api-violations": x509: certificate signed by unknown authority

As of now, it is not possible to skip the SSL validation.
Please add an argument for disabling the validation to the CLI (e.g. --skip-ssl-validation).
@tkrop
Copy link
Member

tkrop commented Jan 11, 2021

@holgerstolzenberg Thanks for raising this issue. Seems not to be to difficult to implement, e.g. as described in minio/minio-go#1019, however, validation is an essential step in communication security we are strongly interested in. Since we are lacking the resources (and priority) at the moment, we would welcome your contribution here and spend the time to review and test it.

@holgerstolzenberg
Copy link
Author

Could you please give me fingerpointer in the code, where the SSL stuff sits, so that I can have a preliminary look at it before making any promises!?

@vadeg vadeg added the area: cli Issue with a Command Line Tool label Jun 13, 2021
@vadeg vadeg self-assigned this Jun 23, 2021
@vadeg vadeg mentioned this issue Jun 28, 2021
Merged
vadeg added a commit that referenced this issue Jun 29, 2021
@vadeg
Merge pull request #1270 from zalando/gh-1185-add-skip-ssl-flag
37fa75b 
Add an optional flag to skip SSL request verification
@holgerstolzenberg
Copy link
Author

holgerstolzenberg commented Jul 7, 2021
edited
Loading

Any plans when this is going to be released?

@vadeg
Copy link
Contributor

vadeg commented Jul 7, 2021

@holgerstolzenberg most probably next week

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vadeg vadeg

Labels
area: cli Issue with a Command Line Tool type: enhancement
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add an optional flag to skip SSL request verification zalando/zally
3 participants
@holgerstolzenberg @vadeg @tkrop