Turn off verification of self-signed certificate

[ghost]

During development on localhost, the dev certificate is self-signed. Getting this error

ERROR: RequestError - self signed certificate
RequestError: self signed certificate

Is there a way to turn that off in some config or per call?

[AnWeber]

you can create a .httpyac.json file. you can configure https.rejectUnauthorized

{
  "request": {
    "https":  {
      "rejectUnauthorized": false
     }
  }
}

alternative would be to pass --insecure as cli option

[ghost]

I'm using this inside VSCode thru the httpBook extension. It installed httpyac. I created a .httpyac.json file in the root of the project, that didn't work. Maybe there is a way to put that setting the settings.json file for httpyac? Sorry, noob.

[ghost]

Ok I figure that out. I added this to my settings.json file

"httpyac.requestGotOptions": {
        "request": {
            "https": {
                "rejectUnauthorized": false
            }
        }
    }

And that sees to have worked.

But I'm getting another error now:

ERROR: https://localhost:3000
{
  "url": "https://localhost:3000",
  "method": "GET",
  "http2": true,
  "headers": {
    "User-Agent": "httpyac"
  },
  "cookieJar": {
    "version": "tough-cookie@4.0.0",
    "storeType": "MemoryCookieStore",
    "rejectPublicSuffixes": true,
    "cookies": []
  },
  "followRedirect": true
}
ERROR: RequestError - Protocol "https:" not supported. Expected "http:"
RequestError: Protocol "https:" not supported. Expected "http:"
    at Request._makeRequest (/root/.vscode-server/extensions/anweber.vscode-httpyac-2.14.0/dist/extension.js:13979:19)
    at new ClientRequest (_http_client.js:155:11)
    at request (http.js:50:10)
    at Object.patched [as request] (/root/.vscode-server/bin/054a9295330880ed74ceaedda236253b4f39a335/node_modules/vscode-proxy-agent/out/index.js:297:24)
    at module.exports (/root/.vscode-server/extensions/anweber.vscode-httpyac-2.14.0/dist/extension.js:18626:14)
    at async Request._makeRequest (/root/.vscode-server/extensions/anweber.vscode-httpyac-2.14.0/dist/extension.js:13926:37)
    at async /root/.vscode-server/extensions/anweber.vscode-httpyac-2.14.0/dist/extension.js:13130:17

[AnWeber]

Right. That's the solution:-) But now you're falling over an error I've had too, but whose correct solution in vscode I haven't found yet. But unfortunately my hint for the solution does not work correctly. You need to disable setting http.proxySupport=override to http.proxySupport=off. Regarding my first suggestion. The .httpyac.json should also be loaded, but only when vscode is restarted. I check, only when starting the extension on the file. And the better solution in vscode is exactly the setting you found.

Noob? You figured out the structure of my project. Congratulations. I consider it an honor to have your time.

[AnWeber]

https://github.com/Huachao/vscode-restclient/issues/255 https://github.com/microsoft/vscode/issues/65118 https://github.com/microsoft/vscode/issues/12588

[AnWeber]

The error is more complicated than thought. In the end, the culprit is that I have http2 enabled by default. I will disable that now if https.proxysupport is enabled. With http2 enabled, a http2wrapper is used instead of default https package. The proxy injected by VSCode uses a rather unconventional method to recognize https and therefore does not correctly recognize the http2 wrapper.

[AnWeber]

I have released a new version (vscode-httpyac 2.14.1). Please let me know if the error still occurs.

[ghost]

Excellent, working 👍 Full fix is to also have this .httpyac.json at the root of my project and all works perfectly.

{
  "defaultHeaders": {
    "Accept": "*/*"
  },
  "request": {
    "https": {
      "rejectUnauthorized": false
    }
  }
}

I think the "Accept":"*/*" header should be by default as that's what CURL sends as well. Thank you !

[AnWeber]

thanks for the hint with the default accept header in curl. This is apparently also used as default in most browsers. I will add the header in the next version

[jpalawaga]

for onlookers who need to configure their vscode correctly and ended up here, the correct settings.json stanza is actually:

    "httpyac.requestGotOptions": {
        "https": {
            "rejectUnauthorized": false
        }
    }