SSL Verification Option for Certificate Checking

caronc / nzb-notify

Push Notifications to a large number of supported services for NZBGet and SABnzbd (based on Apprise)

GNU General Public License v3.0

129 stars 15 forks source link

SSL Verification Option for Certificate Checking #20

Closed caronc closed 7 years ago

caronc commented 7 years ago

Issue #19 pointed out that SSL Certificate Verification is enforced by default which is ideal in preventing Man-In-The-Middle attacks. But some smaller setups (and home projects) just get the certificates and don't want to pay the $200 USD to get their certificates signed.

Add ?verify=False as an optional parameter one can specify when using the secure (https) web posting method to deactivate SSL Certificate verification.

seanvree commented 7 years ago

@caronc - so what's the entire script to run to test?

"python notify.py -b "test" ?verify=False -s mmosts://mydomain.com/wireapm5w7gfmek1jkr6zm0000 -D"

Also, my certs are NOT self-signed BTW.

caronc commented 7 years ago

Oh, that's weird. The error your reporting is documented as being caused by unsigned certificates (or no internet access to verify them with).

The check would be:

python notify.py -b "test"  -s mmosts://mydomain.com/wireapm5w7gfmek1jkr6zm0000?verify=False -D

seanvree commented 7 years ago

it works! See https://github.com/caronc/nzb-notify/issues/19