add option to disable ssl verification

[JamesClonk]

Signed-off-by: Fabio Berchtold fabio.berchtold@swisscom.com

[cfdreddbot]

Hey JamesClonk!

Thanks for submitting this pull request! I'm here to inform the recipients of the pull request that you and the commit authors have already signed the CLA.

[JamesClonk]

Allows to disable the SSL certificate validation when talking to the BOSH director.
In our environments we always let BOSH generate its own self-signed certificates, as we do not ever expose the BOSH director endpoint to the outside world and run the BOSH VM in a secured network zone, the SSL security does not matter for us and we do not generate our own certificates to provide to BOSH in advance. The same holds true for bosh-lite.

[JamesClonk]

I had a bit trouble understanding to which places in the code I needed to make additions, but I hope it turned out alright. :smile: I'm unsure if adding BoshOpts to the 2 LoginStrategies was ok. Any thoughts on this?

[cppforlife]

Thanks for sending this as a PR. We are currently purposefully avoiding adding this feature to encourage people to properly secure directors. We are hoping to improve bootstrapping workflow (create-env command) in this new CLI (one of the reasons it's considered alpha) so that it's not a huge burden to generate CA certificates.

In our environments we always let BOSH generate its own self-signed certificates

We are actually planning to remove bosh release side certificate generation for two reasons:

• it doesnt generate ca hence there is no way to verify certificates (bad practice)
• it adds yet another place where/how we generate certificates, and we would like to minimize number of those places

The same holds true for bosh-lite

Since bosh-lites are designed to be used for development environments (and have a very static configuration) we've added CA cert to the bosh-lite repo that works for 192.168.50.4 and *.sslip.io (https://github.com/cloudfoundry/bosh-lite#ca-certificate). Of course since CA cert is shared for all bosh-lites, in this case it provides little additional security.

Hopefully by the time the CLI reaches GA we'll have made the improvements mentioned above which will avoid the need to introduce these sorts of allow-insecure behaviors into the CLI and avoid the temptation of using/supporting them.

[JamesClonk]

OK, makes sense. Didn't know about the bosh-lite CA, thanks! :+1: I'll close this PR then.