Harbor http_auth should not skip SSL check on connection to external auth endpoint

[ericvmw]

WCP auth mode http_auth establishes connection to external auth endpoint, the current default configuration skips the SSL cert check on the external auth endpoint connection. This exposes Harbor auth to man-in-the-middle attack, which can lead to user login credentials leakage.

Instead the default configuration for external auth endpoint should enable SSL cert, and provide configurations to establish the SSL cert trust with the external auth endpoint. This can provide a way to maintain the SSL certificate trust with configuration updates even if the external auth endpoint SSL cert is changed.

Versions: Please specify the versions of following systems.

• harbor version: 1.9.1

Additional context:

[reasonerjt]

We'll need to decide what option we have for storing the certificate. Not very sure if storing the trusted cert in DB to emulate a truststore is the right approach secruity-wise.

[reasonerjt]

We'll try to introduce a trust cert manager in Harbor for that purpose. There are 2 ways of doing it:

1) admin needs to explicitly manage the trust, @ericvmw for you case admin will first call an API to put the cert into Harbor and gets and ID. then calls configurations API to reference that ID in an attribute like authproxy_certificate_ref 2) It will be implicitly used when user tries to update the cert via configurations API. i.e. when user tries to update authproxy_certificate works is done under the hood and the GET will also return the complete certificate

@ericvmw I assume option 2 is preferred?

[reasonerjt]

fixed in https://github.com/goharbor/harbor/pull/10133 https://github.com/goharbor/harbor/pull/10132 https://github.com/goharbor/harbor/pull/10088