SecurityRiskAdvisors / VECTR

VECTR is a tool that facilitates tracking of your red and blue team testing activities to measure detection and prevention capabilities across different attack scenarios.

SSO integration with internal IdP - Certificate Validation Fails #231

Closed BenjaminHae closed 1 year ago

BenjaminHae commented 1 year ago

Describe the bug

Using an internal Identity Provider with OpenID Connect for SSO with a TLS certificate issued by our internal CA fails.

To Reproduce

  1. Set up an Identity Provider with a TLS certificate issued by an internal CA.
  2. Set up the OpenID Connect provider in VECTR.
  3. After configuring the Identity Provider, the following error message is shown: "SSL handshake error while connecting to the metadata URL. The host is using an SSL certificate that is not trusted."

Expected behavior

I'd expect a possibility to configure a root CA that is used for the TLS connection to the IdP.

doodleincode commented 1 year ago

Please discuss or track any progress on this issue here: #228. Both are related to the usage of untrusted TLS certs.

Closing this issue as duplicate.